Microsoft Extends Updates For Windows XP Security Products Until July 2015 417
An anonymous reader writes "Microsoft today announced it will continue to provide updates to its security products for Windows XP users through July 14, 2015. Previously, the company said it would halt all updates on the end of support date for Windows XP: April 8, 2014. For consumers, this means Microsoft Security Essentials will continue to get updates after support ends for Windows XP. For enterprise customers, the same goes for System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection, and Windows Intune running on Windows XP."
Comment removed (Score:5, Informative)
Re:Oh great... (Score:5, Informative)
This only refers to updates to their AV and Anti Malware products, the OS update will still stop on that date.
It is a good excuse to get Management that might have been dragging their tails up update to something more modern.
Re:*sigh* (Score:3, Informative)
It just sucks that MS doesn't make a 32b, legacy, low footprint OS for those that need to run old software.
First, you can get Win 7 Pro in a 32 bit version. And let's not forget about this [microsoft.com]?
Re:*sigh* (Score:3, Informative)
God forbid you're moving to 64-bit and dealing with old .NET apps that nobody's going to ever re-write.
Oh, it's more insidious than that. One of the 64-bit issues we had to deal with was Microsoft's IPv6 extensions to proxy.pac files. Even though the apps were 32-bit and the machines were on an IPv4-only network, you had to have essentially-duplicate FindProxyForURLEx() functions in the proxy.pac file if the machines were Windows Vista/7/8 64-bit. Contrary to documentation, the 64-bit machines weren't even using the FindProxyForURL() functions. And forget about what happens when ClickOnce is involved.
Re:*sigh* (Score:4, Informative)
>Being 64b is an *actual* reason to upgrade
For office drones? Really? That 3.5GB RAM limit was a bit of a nuisance for some specific things, but realistically how many office computers ever run up against it? No argument that servers and "Big Iron" can benefit substantially *if* the dataset is large enough to be seriously RAM limited. Even serious gaming rigs can often benefit dramatically from all that extra RAM and vectorization potential. But how many office applications can actually benefit notably from vectorized instruction optimizations? They spend almost all their time waiting on the user anyway, it doesn't really matter how fast they do it.
Re:*sigh* (Score:5, Informative)
Don't forget having a KMS infrastructure where every single machine in the company can contact an activation server every 180 days. Yes, one can use MAK type of keying, but if a box needs a reinstall, that means one has to burn another install key.
In a previous life, I've encountered cases with legacy apps as well, where the client was 32 bit... but just would not work on Windows 7 for love or money. I ended up having to use virtual machines running XP for the dedicated program.
Of course, there is the server infrastructure Windows 7 requires. New GPOs, more disk space for updates for WSUS, more PXE images, etc.
So, a move to Windows 7 (or a major OS update for the clients for that matter) isn't something to be taken lightly in a company, because one mistake can trash hundreds to tens of thousands of desktops. At minimum, it requires a test lab and running upgrades to see what ugly issues will rear their heads.
Re:*sigh* (Score:5, Informative)
Bad planning is all too common especially when the eventual demise is a year or more away. You are talking a long term plan when management is in tactical mode trying to make the numbers for the quarter. If you are there talking about the sky falling in 4 years, you WILL be ignored. It's the nature of how publicly traded companies run. Remember that the last 5 years have been a *serious* problem world wide economically. Most companies are struggling to keep afloat without just throwing in the towel and everybody is dying waiting for any sign of recovery, which so far has not been really seen.
In a business down turn, where you are downsizing, EVERYTHING is tactical and strategic planning is out the door, like the last wave of RIFed off employees. The quickest way to get to follow all those people you used to work with out the door is to start making noise about spending money. Especially if you are in executive management hired and fired by the board. Best you can hope for is to pull the golden parachute rip cord before the chickens come home to roost and let the next poor soul who gets your job deal with it. Even in the best of times, many companies struggle with the "manage to quarter" mentality. It's always about stock price NOW not years down the road.
I for one am not surprised that a lot of companies have buried their heads in the sand and ignored this XP EOL date. So don't castigate the guy describing the problem he faces for not planning ahead. Seems to me, he's on top of the problem and fully knows what needs to be done, but he's not been given the necessary mandate and resources to actually get the problem fixed and work a viable plan. It's not HIS lack of planning, but a result of management choosing the expedient over what is best in the long term.
Re:*sigh* (Score:2, Informative)
I run XP professional x64 edtion on my office desktop at uni and my experiance has been generally pretty good
I did run into a few issues
1: the NI mydaq software flat out refused to install
2: the Data translation DT9816 worked with the low level APIs but not the high level APIs.
3: I had an add-in realtek network card (the machine is on two networks, the uni network and a private network for test equipment etc) that kept dropping the connection yet worked fine in other machines with other versions of windows. Strangely the onboard NIC (which claimed to be the same chipset) worked fine.
Other than that though pretty much everything worked. I was especially surprised that the old HP scanner I had worked and that when I replaced the failing graphics card not only were there drivers for XP proffessional x64 edition but those drivers had been updated a couple of days before I installed them.
Re:No, this is smart. This is to keep the customer (Score:2, Informative)
Actually he's correct and you're the one with no clue. Modern attack vectors are not the OS holes - they are browser holes, email software holes, PDF reader holes and so on. In fact, essentially all OS holes that can be exploited directly without third party are secured by a solid third party firewall.
All these will continue to be updated. In fact, as long as your friend runs solid 3rd party firewall software, he'll cruise for years after microsoft kills support, simply because he'll keep infection vectors closed. OS can have all the vulnerabilities it wants, as long as all the vectors to hit them are closed, you're safe. And that's where that 3rd party support is far, far more important than microsoft's support will ever be.
Re:*sigh* (Score:4, Informative)
For office drones? Really? That 3.5GB RAM limit was a bit of a nuisance for some specific things, but realistically how many office computers ever run up against it?
1) Anyone doing heavy duty spreadsheet, graphics, or database work is going to need a decent chunk of RAM
2) Modern webpages absolutely gobble up RAM. You can blame the browser, and that works, until you look at the competition and see that, wow, 5 tabs really does eat up ~500MB RAM no matter what browser you use
3) On my prior work computer, with 4GB RAM, I was booting to 3.2GB consumed off the bat. It was windows 7, granted, but the lions share of it was security and compliance crap. Start up my powershell environment, open a few browser tabs, and open a document or two and Im eating into the page file like disk thrashing was going out of style.
Re:*sigh* (Score:3, Informative)
No version of windows is safe from the internet.
This is a stupid meme, and it needs to die. If you dont understand how and why infections occur, or better yet if you dont regularly deal with IT security, its probably best not to even comment on it.
Re:Oh great... (Score:4, Informative)
Security. Windows Vista, 7, 8, and 8.1 all offer better security than XP.
Performance. Windows Vista, 7, 8 and 8.1 have better support for SATA controllers and SSDs than XP.
Modern hardware support. Eventually those 5+ year old PCs die and you have to buy new stuff.
IE > 8. See security.
Bitlocker encryption.
This is just a start. There are many reasons to upgrade past 2002 technology. XP fan boys should be shot at this point.
Re:*sigh* (Score:4, Informative)
Its 2014. Time to move on. You can get 4 gigs of ram for $50. Bare in mind Windows 7 disk and ram usage is over reported as it buffers things if the kernel detects extra ram. Disk usage is inflated from SXS which means Windows keeps extra dll versions that dynamically linked. That is a feature and you can trim with disk cleanup.
XP is a security nightmare and most MBA managers do not know or calculate this. XP doesn't scale well past 2 cores and is not optimized with CPU instructions from more modern CPUs
Re:Dear Microsoft, (Score:4, Informative)
No-one cares when Microsoft started selling XP. They care about when Microsoft STOPPED selling XP, which was only a few years ago. There are a ton of XP machines only three or four years old that work fine and are deliberately being made obsolete just so Microsoft can make money.
Well, if they stopped selling XP back in 2007 and told everyone to STFU and switch to Vista we'd be screaming bloody murder about that so damned if you do and damned if you don't. All their support lifecycle clocks start running from when they release the N+1 product (and N+2 for extended support), now that Windows 8 is out the countdown towards Windows 7 EOL is ticking even though they still allow you to buy a Windows 7 machine. Mainstream support ends January 13, 2015 and extended support January 14, 2020. It's not like this is a bloody secret, the policy has been published and the dates set long ago. In short, if you bought XP after April 14, 2009 you know (or should have known anyway) that you were buying an OS already in the extended support phase. Why is ignorance an excuse in the tech world?