Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

How to Survive After Windows XP Dies

"The art of dying graciously is nowhere advertised, in spite of the fact that its market potential is great." -Milton Mayer

It seems as though Windows XP has been with us for a lifetime. But one of the most commercially successful operating systems ever created has created a security conundrum.

As of April 8, after more than a dozen years, Microsoft is ending support for Windows XP. What does this mean? There will no more security updates, hotfixes or support available for users running XP.

None. Nada. Zilch.

Guess who is licking their chops? You guessed it, the bad guys. Attackers will be ready to pounce, with some reports suggesting adversaries have been amassing zero-day vulnerabilities, waiting for the not-too-distant day to come when Microsoft stops patching Windows XP.

According to the most recent NetMarketShare stats, Windows XP is still running on almost 30 percent of desktop systems.

That means three out of 10 systems will be sitting ducks without many options to properly protect themselves. How many of those systems transmit or store sensitive data? How many of those systems remain tucked away in the dark corner of your network?

For those that haven't already done so, businesses and individuals immediately need to develop a plan to discover if they have any systems still running Windows XP and determine a proper migration path. Will all of your applications be supported on a new version of Windows? Do you have the trained resources to determine which new vulnerabilities need to be mitigated in this process? Do applications need to be re-written?

Here are five recommended steps to take if you think you might be in trouble come April 8.

Identify all systems in your environment

This can be done as a manual process, but it might fail to identify hidden systems. For instance, did you know that Judy in the Topeka office connects her laptop to the network to stream music all day? Smart tools, including Trustwave TrustKeeper Agent, are available to help you quickly and accurately tag your systems.

Define system dependencies

Which applications or services still run on these Windows XP systems?

Create an upgrade path

Do all of your vendors support newer versions of your solutions? Do you need to go shopping? How much budget do you need?

Test. Test again. Keep on testing

How will all of these technical and procedural changes impact your security posture? Ask yourself candidly if you have the knowledge and tools to answer these questions.

Conduct a risk assessment

Once you've upgraded operating systems across your network, a risk assessment is a good way to ensure you have all of your ducks in a row. Risk assessments are recommended after any major environment change, as the risk profile changes.

One other deadline to keep in mind: If you're running Windows 7, mainstream support for that operating system is scheduled to end one year from this week.


Shortly after this blog was posted, Microsoft announced it will extend anti-malware support through July 14, 2015.

"This does not affect the end-of-support date of Windows XP, or the supportability of Windows XP for other Microsoft products, which deliver and apply those signatures. For enterprise customers, this applies to System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune running on Windows XP. For consumers, this applies to Microsoft Security Essentials.

Greg Rosenberg is a security engineer at Trustwave

Latest Trustwave Blogs

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More

Trustwave SpiderLabs: Ransomware Gangs Dominate 2024 Education Threat Landscape

The security teams manning the defenses at the higher education and primary school system levels often find themselves being tested by threat actors taking advantage of the sector's inherent cyber...

Read More

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow...

Read More