The sirens are wailing and decision day is rapidly approaching for owners of the 300,000 computers in New Zealand that still run Windows XP.
With one month to go before Microsoft ends support for XP, the company is stepping up the rhetoric to persuade people to move off the 12-year-old operating system before they get run over by what it claims could be a train of malware.
Microsoft has terminated support for versions of Windows before, but never one still this popular. Even though it has been succeeded by Vista, Windows 7 and Windows 8, XP was being sold on some computers as late as October 2010.
Once support for XP ends, Microsoft will not issue patches for any newly-identified security holes in the operating system.
Rather than there being safety in numbers, the few hundred million vulnerable XP machines connected to the internet worldwide will be a single juicy target for hackers.
At the same time, Microsoft will also stop patching Internet Explorer 8 and office suite Microsoft Office 2003, potentially causing a myriad of problems for unprepared businesses which risk losing access to archived documents.
Adding insult to injury, computer companies have not written software drivers for many of the printers, scanners and other peripherals attached to XP machines that would enable them to work with newer operating systems, meaning many will become e-waste before their time.
Microsoft will flash up a monthly on-screen reminder on XP computers, starting today, to warn users of the end of support.
If XP users get fed up with the warnings, there will be a simple solution; turn off Windows Update on their computers on April 8. Since the operating system will no longer get new patches anyway, that will do no harm.
But Microsoft New Zealand Marketing director Frazer Scott warns that customers who bury their head in the sand will have to contend with an increased risk of malware. He lists the possible consequences as including spyware accessing personal information, being constantly directed to malicious websites and the loss of data such as photos and emails.
The consensus is there is indeed cause for concern, though not necessarily panic, and it will be a good idea for XP users to upgrade their computers over the course of this year even if they have no interest in the extra features of newer operating systems.
Marc Vael, Belgian vice president of the global non-profit Information Systems Audit and Control Association says many of his relatives have asked him for advice. "I have told them to first make sure they have a proper backup of their computer, then to take their time and over perhaps the next six months look at their options." In most cases that is likely to mean buying a new computer running Windows 8.1, he says.
Other experts point out the risk of continuing to use XP past April will depend on how people are using their computers.
Microsoft will continue updating its free anti-malware service Microsoft Security Essentials on XP machines until July next year, and most other paid security software will also be kept current.
But anti-malware software is not invincible. So if you use an XP machine to access internet banking or buy online using a credit card, that may come with extra risks from April 8.
Importantly, Hope says people who continue to access internet banking from XP computers after the end-of-support will still be covered if their accounts are hacked so long as they complied with their bank's terms and conditions.
There are several steps people can take to reduce their risks from malware while they shop around for another computer.
PC World in the United States suggests anyone using Internet Explorer 8, which is the last version of Internet Explorer that runs on XP machines, should switch to a browser such as Chrome or Firefox. It also recommends they remove vulnerable add-ons such as Java and ensure others, such as Adobe Flash and Reader, are up to date.
Another of its tips is to log on to computers through an account with limited privileges, rather than as a computer's administrator, so if the computer is compromised, hackers can't get full access to the machine.
On any computer, it is also good practice whenever entering a credit card number, bank account number or an important password to miss out (the same) one or two digits when you key them in and to then click back with a mouse to fill in the missing letters or characters before pressing ‘enter'. This will mitigate the risk of those character-sequences being easily recorded by at least some types of keylogging software.
But if you wanted a new computer, the withdrawal of XP support should be the excuse you have been looking for to upgrade.
- © Fairfax NZ News