Windows XP’s approaching retirement will be a boon for blackhats

Windows XP, one of Microsoft’s most popular products ever, is scheduled to be retired in April 2014. From that moment on, the Redmond giant will issue no more updates patching security flaws in this OS version.

Even though its market share has been slowly dropping since late 2007, it is still used by some 37 percent of all Windows users – a considerable number, we can all agree.

SANS trainer and Microsoft security expert Jason Fossen posits that such a large market share will lead blackhats to keep the Windows XP zero-day vulnerabilities they find, and the exploits for them, secret until April 2014.

Once the retirement date has passed, he argues, they will probably either sell them to cyber crooks for huge sums or use them themselves to infect huge swaths of users and profit from it.

“The average price on the black market for a Windows XP exploit is $50,000 to $150,000, a relatively low price that reflects Microsoft’s response,” Fossen shared with Gregg Keizer. “When someone discovers a very reliable, remotely executable XP vulnerability, and publishes it today, Microsoft will patch it in a few weeks. But if they sit on a vulnerability, the price for it could very well double.”

If Fossen’s theory turns out to be true, XP users will experience a safer-than-usual eight months leading up to the retirement date.

On the other hand, there are sure to be blackhats who are not willing to bet that, when the time comes, they will be the only ones selling knowledge of a particular vulnerability. As the saying goes, “A bird in the hand is worth two in the bush,” and they might decide that $50,000 or $100,000 today is quite enough for them.

Windows XP lacks the security measures added to Windows 7 and 8 (such as address space layout randomization) and is still the most frequently compromised version of the popular OS. Its considerable market share, and the fact that many enterprises still run it, make it a great target both for opportunistic attackers and for persistent ones.

If Fossen has got it right, the proliferation of active campaigns using Windows XP exploits after April 2014 just might force Microsoft to relent and continue supporting it, even though that would set an undesirable precedent and make both individual and corporate XP users think they could get away with using it for a while yet.

Another viable solution to that problem might be to push them to upgrade by offering a discount on Windows 8 versions (and skip Windows 7 altogether).

This way Microsoft could kill several birds with one stone: users would migrate to the latest version of the OS and pay for it; the remaining number of hardcore XP users would be a lot less appealing to attackers; the company could argue that it hasn’t left them high and dry – it gave them the option to upgrade, after all; and Microsoft’s reputation as a good company offering good software and caring about its users would get a boost.
