Microsoft optimize

Prepare yourself for the looming deadline of Windows XP

The end of XP support is inevitable and IT pros are tasked with maintaining a productive workforce armed with the tools they need to complete mission-critical projects daily.

By Justin Strong

time_bomb.jpg
When Windows XP launched in 2001, it was widely adopted by enterprises and quickly became one of the most popular operating systems from Microsoft - and it still is today. XP is commonly believed to be short for eXPerience, which denotes the friendly user experience that enterprises and employees have relied on for productivity for over a decade.

Today, 12 years and three Microsoft operating systems later, XP still currently owns roughly 31 percent of market share - that's an estimated 500 million PCs, according to Net Market Share. On April 8, 2014, however, those 500 million PCs are scheduled for a rude awakening because if Microsoft holds to its current XP lifecycle, the extended support for XP will end, forcing those enterprises to migrate or be left open to severe security vulnerabilities.

As companies face the challenge of finding solutions to deal with this dramatic change, many will not be able to roll out new operating systems in time. In fact, Gartner has predicted that more than 15 percent of midsize and large enterprises will still have Windows XP running on at least 10 percent of their PCs in April 2014 when support ends. This leaves enterprises open to countless security threats, especially as hackers are actively pursuing XP's vulnerabilities to unleash viruses and access the sensitive data that so many organizations host on their legacy XP devices.

Why?

The question is, why are organizations so hesitant to upgrade to a new operating system? It's not because of the user-friendly interface, or the time and costs associated with OS upgrades. When XP launched, enterprises wanted to leverage this new and innovative OS as much as possible, and therefore began building custom applications and focusing considerable IT energy and work around the OS. Many of these custom-built applications for XP are still in use for mission-critical projects today - and they aren't made for Windows 7 or 8. For these organizations, they must choose between mission-critical applications and a stable, secure operating system.


Also read: Running Windows XP means you are non-compliant and open to liability


Options

Running an unsupported system leaves data at risk, putting XP-run enterprises in a difficult position. However, organizations have five options to consider prior to the April 8th deadline next year.

  1. Hire the person who built the applications (now sometimes over 10 years ago) to rewrite the application and make it compatible with other operating systems. Most organization that have/can afford this option have already migrated off of XP.
  2. Shim the app, or "trick" the application into thinking it is running in an XP environment. This option, however, is like trying to change a car tire using duct tape. It's unstable, risky and most of the time - it just won't work.
  3. Go the Citrix virtual route, for a while. It is a more secure approach to running XP in the enterprise, for a while, but also a significant drain on an IT budget if you don't already have a Citrix environment.
  4. Virtualize the application so that it will work in a different operating system - surprisingly effective, but not a "sure thing" solution.
  5. Keep XP, but lock-down administrative rights and don't let anything new be installed on it (virtual applications would be a good route here, as they don't require installations to run). This, of course, is a worst-case scenario and would only be a temporary option.

Many organizations cannot get off XP entirely by April 8, 2014. Those who cannot migrate immediately will need to prioritize quickly and make a decision on which of the above options is best suited to their needs. Those that can't make the first option happen and can't afford/justify a Citrix solution will probably have the most success with option four - virtualizing their applications. This can be technical and usually requires a lot of expertise to configure custom apps to run as virtualized versions, but most IT shops can make it work. And when facing the choice between no mission-critical app and an unsupported, risk-prone operating system, it's the easiest choice you can make.

Bottom line

Damocles-WestallPC20080120-8842A.jpg
Sword of Damocles
 The end of XP support is inevitable and IT is tasked with maintaining a productive workforce that is armed with the tools and applications they need to complete mission-critical projects daily. Organizations that cannot migrate immediately need to consider their options - and doing nothing is not one of them. Hackers are researching and gathering their resources to target legacy XP equipment after April 8, 2014. IT needs to enable day-to-day business operations outside of an XP environment, but with the fundamental applications that are so critical to an organization's bottom line.


Author bio: Justin Strong, Senior Global Product Marketing Manager, Endpoint Portfolio, Novell


Also read:

47 comments
brizpc
brizpc

If you have to use Windows XP after it's retired and you use it for banking online how secure is it, and would the browser band make a difference for security? In other words can I use Google chrome, or Firefox and be save from hacker getting my banking info?

Ronim
Ronim

I have six IBM PC-XT's running DOS and Borland Turbo-C. I also have a machine running Windows 98 and three machines running Windows XP. I also have a 16GB, Core i7 machine dual-booting Windows 7 and 8.1, I use it 99% of the time on Windows 7. For surfing the internet, email, stock trading, banking, shopping etc. I use a Google ChromeBox running ChromeOS. I can't remember the last problem that I had with any of these systems, they keep chugging along.

w.ashcraft
w.ashcraft

UHHH...Windows XP has been around for 12 or so years and it stll has security issues......?????? What does that say about Microsofts reputation ? I'll stay with Linux and the rest of you can continue to believe Bill G.'s garbage..........

kitekrazy
kitekrazy

I remember being reluctant to run XP because W2000 was a killer OS.  Windows 8 in my book is Windows Ih8.  Windows 7 is an expensive upgrade for a company.  I hear the Linux junkies screaming once again "it's their time", yet forgetting most people don't have the savy to use a Linux OS.

ManoaHI
ManoaHI

We have some really old equipment, but we have two mission critical applications and they won't run under Windows 7, we tried, but can't find a ontractor to take it on. So, we sort of held off by using virtual desktop for XP or some XP machines are now sitting in our data center. Desktops are Windows 7 64bit Ultimate using Office 2010 (we will upgrade to Office 2013 early next year. Over the years when XP was at its pinnacle, we never had admin rights and specifically had carefully watched our firewall. Attacks were attempted, but our firewall has blocked them.

Any current vector for getting malware or viruses have always been employees, until we locked down the USB ports, then after a while, it all generally quited down. Then, due to the low cost of switches and wireless routers, this is one that we have to vet. What I don't get is when these are found, they are just confiscated and nothing happens to the employee. I don't understand while this is against our rules, HR is unwilling to even write these employees up, if not outright termination for repeat offenders. Now we are going through and have to do MAC address filtering on our wired network. This is the hardest vector to control.

rwbyshe
rwbyshe

XP UPDATES from Microsoft...

I haven't had a real good answer to this question as yet.  I'm hoping some of you might have the definitive answer.

Like many folks and small companies I have historical data/info/software that I will need to be able to access and run down the road, long after April 2014.

My question is this.  Do any of you know of a way to download all of the updates for Win XP from Microsoft and save them? 

I'd like to have those updates on a DVD or two in case I have to build/rebuild a hard drive XP and my "stuff" on it to retain all of that history, etc.

If you could provide specific directions I'd sure appreciate it. 

Bill_Bright
Bill_Bright

Curious, I accept that 31% represents about 500 million but where do you get that 500? Or specifically, where do you get that there are approximately 1.5 billion PCs out there? I can find reports from 2008 of 1 billion, and guesses of 2 billion by 2015, but nothing current.

Gisabun
Gisabun

First, I'm sure some will blame Microsoft with the old "it's a great OS - why change" stuff. Please. it's an old OS. Some of the blame lies with the companies that will wait until the last moment and then find out that there are incompatibilities.

A bit of the blame can be placed on Microsoft, but not for the reason above. More like for the lack of notification to small companies [that don't have a dedicated IT department] as well as the regular consumer. Have you seen Microsoft place any ads on this issue in newspapers or on TV?

sjones.
sjones.

We have 7 table top milling machines being run by Win 98 boxes. Those boxes are failing now, but with upgraded software we are now using the retired XP boxes for that job. Dedicated controllers cost far more than the old computers and do not have ethernet ports. The only problem in the future are the disappearing parallel ports on motherboards.

Prescott_666
Prescott_666

Going forward all users must be transitioned to Windows 7, which will be supported until 2020.  The old computers that run XP will be moved off of user's desks and put in an out of the way place, where they will be a common resource.  Applications which will only run on Windows XP will be run on the XP computers that are only used for those applications.  For security reasons, the XP computers should be fire-walled from the internet.  If that can't be done, they will have to be imaged after each use, so that they can be restored when they are infected.

 The XP computers can go on being used like that pretty much forever.

About a year ago I interviewed with a company that has a contract with the FBI at Quantico.  In the FBI visitors center, all public facing computers were running Windows 2000.  I doubt that they were connected to the internet, but they seemed to be working fine for that one application.

edward.keating
edward.keating

We can all state the obvious fact that Microsoft will no longer be supporting WinXP in a few months.

It still doesn't solve the problem that some device drivers were not ported to WIn7 or have issues when attempting to operate on that OS. Particularly those devices using the Microsoft supplied usbser.sys and a custom .inf file and using hyperterm to facilitate configuration of those devices. Yes, you can port hyperterm or use the Virtual XP support on Win7 and/or use Putty instead, but the difference on how Win7/8/8.1 works (or doesn't work) with USB devices can make your life difficult. Seems that the additional security handshake required to allow a USB device to be accessed by a communication program may be enough to cause the device to reset/disconnect from your host machine. This makes the attempt to communicate with the device all that more difficult. Perhaps the answer might be in setting some devices and programs to bypass the obnoxious prompt without disabling it for the entire system. 

Other peripherals that aren't supported by WIn7 also may need a winXP machine as an interface. Particularly if the manufacturer doesn't support the new OS with drivers for the legacy hardware.  Seems that many of us just won't throw out working equipment just because a new OS shows up in the market.

Until that issue is solved, some like myself will continue to use WinXP for these specialized applications to interface to legacy devices.

 

petkovass
petkovass

I have Win 8 , but I'll going back to Win XP soon . When my PC is protected by   Norton Internet Security suit  , there is no danger . 

matt
matt

I'm actually the only employee in the office running XP. I always found that even though I didn't have latest OS, I was always able to keep it running safe, clean, and efficient. It still runs all my software, old and new. (At home I run Windows 7 64bit Pro.) If you know what you're doing OR not doing much, XP will be fine to use. However, XP 64-bit might become even more of a pain since drivers have always been hard to find. If you search online, you might be able to find a custom driver someone modded from a XP 32bit or ME/2000/Vista version. Just watch out for fake or virus filled drivers. I always check and try OEM drivers first, just in case. Sometimes another OEM's driver will work (usually because of the same chips used).

appealnow
appealnow

I have a question. I have one old program that requires XP to run. With Windows 7 Pro I ran a virtual drive. I got a new Windows 8 computer but didn't realize that there was a Windows 8 Pro with Hyper Drive. What is my best option to run this one program? Install windows 8 Pro and put Windows 7 Pro on the hyperdrive and still can I run the virtual XP drive to run the program? Install Windows 8 Pro and put XP on the hyperdrive?

Saud Hassan Kazia
Saud Hassan Kazia

Like it or not. There is no suitable alternative to Microsoft Windows. And Windows 7 is the best. Windows 8/8.1 is a joke like Vista. So holding out for 9.

James Stevenson
James Stevenson

It's inevitable that XP will become obsolete but I don't think it will become useless. You could use an old XP machine for so many things including a virtual desktop receiver, an in-house cloud infrastructure or a web server.

If you wanted to keep the computer, you could install Linux. I did it with my home computer and never looked back. It turned my buggy mess of a desktop into a fluid entertainment system and production suite.

jevans4949
jevans4949

I'm not convinced that XP is going to become any more problematical than it already is, until anti-virus companies stop supporting it. After all, we've run with those "potential" problems for 12 years.

Subsequent versions of Windows must have more bugs; often they are affected by the same bugs as XP, and they are bigger packages, with new bits, with more bugs.

Jason Shepard
Jason Shepard

I avoided upgrading until last year. Decided XP no longer supported what I needed to run, so it was time to move on. Spent 6 months testing over a dozen LINUX flavors, Mac OS X and Win7. Would have preferred to go with Mac, but it just doesn't have the app support I needed. Ended up with Win7 and have learned to love it more than I ever did XP. Linux Mint was nice, but it also had app support issues as well as some hardware compatibility issues for legacy and top-of-the-line gear. Other LINUX flavors were either too complicated for the average user or had stability/compatibility issues that were immediate disqualifiers.

Saud Hassan Kazia
Saud Hassan Kazia

Randy. Anything productive requires windows. There is no other alternative

Saud Hassan Kazia
Saud Hassan Kazia

Already moved to win7. Proud to be in the team that made it all happen

Randy Myers
Randy Myers

That is why LINUX will eventually take Windows to the cleaners in my opinion. I have switched all PC,s to LINUX and other devices to IOS and Android--Windows just keeps failing and costing more.

Shawn Quinn
Shawn Quinn

I think most people will just lock it down and keep going with it until they can upgrade.

Mark W. Kaelin
Mark W. Kaelin moderator

Will Windows XP still be your organization's primary operating system in April 2014? If the answer is yes, how will you mitigate the risk?

SalSte
SalSte

@rwbyshe Even after retirement of XP, the Windows Update site will give you the option to download all previous updates. You'll just get a prompt that support for XP has expired and that upgrading to a newer OS is recommended. 


I had to rebuild a Windows 2000 machine for a customer just a few weeks ago, and Windows Update still pulled updates for it, even if they were close to five or six years old. If you have a Windows Update Server onsite, that will also cache the updates to push to your machines as well. 


Overall though, building a base image is probably going to be your easiest route.

s4b3r6
s4b3r6

@rwbyshe You'll need to build your own XP install disk. There's quite a few routes with doing this, using network systems like Norton Ghost, or using something more technical which creates a physical disk, like WinBuilder. There are quite a few guides on those systems.

As to adding the updates to those disks, you need to download them from Microsoft's site, ASAP. The KB numbers (e.g. KB946480 for SP3) still respond for now, but will vanish by April. Then use your chosen tool to add them to your disk or system.

rculver9056
rculver9056

@Gisabun No notification? Really?

It has been known for years that support would end, and anyone in IT really has no excuse for missing this news!

slam5
slam5

@techrepublic1@stanjones. or you can use PCI parallel port card.  If your app is really custom, you probably will have problem with USB to parallel adapter.

Gisabun
Gisabun

@techrepublic1@stanjones. Try USB to parallel port adapters.

Gisabun
Gisabun

@edward.keating : Errr. If they haven't been ported over by now, they won't. If Win 7 doesn't support a piece of hardware it is old hardware. I found a video card lying around. It was old enough that the last driver support was for Win XP. Why would a manufacturer bother with old hardware anyways.

Gisabun
Gisabun

@petkovass : Good day dreaming. I hope you know that no AV solution out there is perfect. Let's just say that NIS doesn't have a perfect record. Search for yourself.

deICERAY
deICERAY

@petkovass really? There is no certain protection, and you're in danger if you believe you are safe!

Gisabun
Gisabun

@matt : You won't have to worry about drivers for XP for too long. Manufacturers will stop supporting any further enhancements.

Gisabun
Gisabun

@appealnow : XP on a virtual drive? In any case, Hyper-V can probably convert/import more recent formats. If not, there are converters out there.

deICERAY
deICERAY

@appealnow this will not be helpful, but I'm sure there is a big green or pink or blue screen with a large ugly icon in the center that will also be of no help at all...welcome to 8.

rwbyshe
rwbyshe

@Saud Hassan Kazia 


I'm holding out for Win 11 or 12 !!!

SalSte
SalSte

@Steve Liddle And when my business critical application isn't supported? Also, how many of these XP boxes that Linux evangelists keep telling us to wipe and install *distro of choice* on are old P3 or P4 boxes with maybe 512MB to 1GB of RAM? Yes, Linux will run well on a system like that, but you're still in the spiral of old hardware becoming failing hardware.

njcsamuels
njcsamuels

@Steve Liddle Alot of times developers dont support it.

James Stevenson
James Stevenson

@Saud Hassan Kazia I moved to Xubuntu Linux and found it MORE productive than Windows.

Gisabun
Gisabun

@Randy Myers Dreaming? How many years has Linux been around? And yet it hasn't [last I checked gained much more than 0.5% of the marketshare over the last 10 years even with [quasi-] failures like Windows Vista and 8.

rjstein3
rjstein3

@Mark W. Kaelin Our plan across our company is twofold: replace or upgrade most XP machines of office/inside workers with Win7, and to deploy iPads for our outside workforce (utility workers). Our software vendor supplies a suite of apps that allow folks to do most of their work on tablets. Most of the replacements are due to system limitations (32 bit memory issue, older slower processors, over four years old) and not strictly due to XP end of life. We already do email on iPhones, by way of a MDM system. Our tablets will be administered via MDM, too. Mapping can be done and viewed on tablets. We are planning on secure wifi to our network, with VPN access secured by Vasco tokens for these mobile devices. This also is being done for business requirements, not strictly due to the end of of support. One application that had been written for XP and Office 2003 was rewritten in Jan of this year. We are in pretty decent shape at this point.

sjones.
sjones.

Thanks that sounds like the best option. The software actually runs in a graphical DOS window so USB is not an option.