Microsoft Extends Updates For Windows XP Security Products Until July 2015

An anonymous reader writes "Microsoft today announced it will continue to provide updates to its security products for Windows XP users through July 14, 2015. Previously, the company said it would halt all updates on the end of support date for Windows XP: April 8, 2014. For consumers, this means Microsoft Security Essentials will continue to get updates after support ends for Windows XP. For enterprise customers, the same goes for System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection, and Windows Intune running on Windows XP."

Final Update to XP

[Anonymous Coward]

I want to see Microsoft issue one last update to every version of IE available on XP that replaces all of their cryptic as fuck SSL errors so instead of saying "the site you are trying to go to is broken" they say "The site you are trying to go to requires a higher level of security than is available on windows XP". Hell, throw a store link in there so they can go buy windows 9 or whatever and upgrade their security, damned if I care.

Until then, it is single-handedly holding back TLS 1.x (>0) and SNI adoption. I can't turn it on on my server or half my customers will call to blame me for my server being "down".

Comment removed

[account_deleted]

Comment removed based on user account deletion

holy fucking nut balls

[slashmydots]

I did not see this coming. I'm CIO and for the last 2 years I've warned the bosses about the problem @ about 95% XP and so far in those 2 years we've replaced negative 2. We added 2 seats and replaced zero lol. Every 100 days (the pattern I developed) they kicked it to the next period. Time to spend the $20 we do have in the IT budget to get a cake tomorrow and I'll announce it to the bosses!
But seriously, our shared and internet surfer and PoS computers are just fine with a socket 775 HT Pentium chip and 2GB of RAM. Why pull them just for XP?

Server 2003

[Anonymous Coward]

I knew this was going to happen because Server 2003 was planned to receive extended support until July 14, 2015 and Server 2003 (NT 5.2) is the server edition of Windows XP (NT 5.1).

You're Welcome.

Re:*sigh*

[Luckyo]

Actually most modern games still run on 4GB RAM just fine even on w7 64bit. There is a very small subset of games that do require more, most of them terribly optimized and usually still in alpha/early beta.

Extra RAM on windows mainly helps mitigate memory leaks and hide the fact that Vista/7 is a huge memory hog with massively greater RAM requirements for OS overhead than XP ever was. Which doesn't impact you if you stay on XP. Microsoft also claims it helps caching, and to a certain extent it does. But in most cases, this advantage is negligible.

So more RAM makes sense on 7. But XP? Not so much. Which is another reason NOT to move from XP.

Re:No, this is smart. This is to keep the customer

[WaffleMonster]

Actually he's correct and you're the one with no clue. Modern attack vectors are not the OS holes - they are browser holes, email software holes, PDF reader holes and so on. In fact, essentially all OS holes that can be exploited directly without third party are secured by a solid third party firewall.

I've noticed a number of GDI and Font type patches drop over the last years... these can get thru firewalls and exploit OS specific issues from any number of browsers or document rendering technology. Coupled with a few privilege escalation vulns of which there are infinite numbers and the result is you can still get owned pretty quickly hiding behind your firewalls.

Re:*sigh*

[LordLimecat]

Its been explained a million times, from people pointing out how Win7 had strong ASLR before any other major OS, to the fact that Windows was NOT the first to fall in the yearly Pwn2Owns for the first 5-6 years (that would be OSX).

Ever since admin-by-default was killed and UAC was introduced in Vista, there has been very little substantial security advantage in Linux except for two things-- the better updating system (since most vulnerabilities exist in third party programs, this is a better mitigation than anything Windows has), and its relative market obscurity. If Pwn2Own has taught us anything, its that all systems have driveby exploits; its just a matter of having the right incentive (such as a free macbook if you succeed).

If your machines are bare or just depend on the built-in firewall, they are not secure.

Thats pretty arbitrary, but OK. You could argue that the "out of the box" nature of Windows makes it less secure, except that file sharing is off by default since Vista (with the network location doohicky), and either way there are a LOT of consumer-oriented Linux distros that share the same problem. I havent seen one that has the nice auto-configuring firewall that Windows has since vista, however.