On 8 April 2014, Microsoft will stop pushing out security updates for Windows XP, which will leave a whopping one-third of the world’s millions of PCs still running Microsoft’s 12-year-old client operating system.
According to Gartner, the global installed base of PCs, at the end of 2013, will be 1.63 billion units. By that reckoning, Windows XP is currently installed on at least 500 million computers and almost certainly used by over a billion people.
Very large companies may still have the option to pay Microsoft for dedicated support, but it comes at eye-watering prices: $200 per desktop for year one, $400 for year two and $800 for a third year. And this premier service will only be available to the biggest of the big: you will have to be a premier level Microsoft customer to qualify for such support.
The message is clear: Microsoft wants everyone to get off Windows XP!
Viruses, ransomware, worms, Trojans, keystroke-loggers and anything else written to hack into, infect, snoop or steal from users on Windows XP beyond that early April cut-off date will soon live without fear of Microsoft’s weekly security updates.
Running vulnerable systems that could potentially expose customer data could, in regulated markets, land businesses with a big-fat compliance bill, privacy lawsuit or a slap on the wrist from regulators. And chances are that six months from now the number will not have been reduced to a non-worrying size, based on how slowly Windows XP’s market share is falling.
The reasons such large numbers of users are clinging to XP are varied. Quite a few are simply living in denial and of those planning to migrate to another operating system, some lack the budget for a wholesale update, while others appear to view the matter as ‘a hardware problem’. These latter companies plan to replace XP with something new, but only when they have to finally buy new computers. Others are simply flummoxed by the scale and complexity of a move off of their organisation’s legacy computing platform and the strategic onion-peeling exercise typically involved when one manages a software migration.
The problem affects everybody, from the biggest corporate giant to the smallest firm, and stretches across governmental bodies and the private sector. Nobody is immune.
For example, eighty-five per cent of PCs in Britain’s National Health Service are still running Windows XP. The NHS in England is one of the world’s largest employers, with 1.7 million staffers on its books.
Small and mid-sized businesses (SMBs) are a huge problem, many of whom have just enough PCs to be dangerous - between 25 and 250 according to Microsoft - but lack the IT budget, infrastructure and people to run a massive platform switch.
Often, it’s the businesspeople in side organisations holding things up because they don’t appreciate the impending problem and they aren’t freeing up the necessary budget. After all, it’s not like Y2K - the PCs won’t just stop running at midnight. Machines will still work. But slowly, and surely, over time, they’ll become more vulnerable to attack.
Y2k saw government-led campaigns to patch and upgrade systems combined with a rising tide of national news coverage that helped scare and motivate people based on the fact nobody knew exactly what to expect at midnight on 1 January, 2000.
At the moment nobody, including Microsoft, expects everybody to move their PCs off of Windows XP six months from now. That’s despite the fact Microsoft has worked across the whole organisation and ploughed cash into programmes to drive XP migrations - Microsoft has been offering a 20 per cent discount for customers buying Windows 8 and Office 365 through partners.
Only time will tell if enough businesses, individuals and organisations take suitable steps to reduce the level of danger that currently lurks around the corner in 2014.
Support for Microsoft Office 2003 is also running out on 8 April 2014.