Microsoft has ended support for the Windows XP operating system. As of April 8, there are no more security updates or technical support for Windows XP. The company has recommended that those with PCs running Windows XP migrate to another operating system, which is supported, such as Windows 8.1, so they can get regular security updates.
There were many predictions of doomsday scenarios, now that support has ended. Many “security companies have repeatedly warned of the inevitability of a zombie army of hacked XP machines that will stalk the Internet, dooming us all,” according to a report appearing earlier this month in The Guardian.
But there does not appear to be much fear out there, the article adds. Not everyone who has XP is switching to another operating system. Tech Pro Research discovered in a recent online survey of 641 XP users that 37 percent of respondents will continue to use XP, according to ZDNet. There are three basic reasons why people do not want to change. These are: cost (cited by 21 percent); they have critical software that requires Windows XP (39 percent); and the belief "if it ain’t broke, don’t fix it (40 percent)."
Overall, news reports said that earlier this month there were about 430 million PCs still running some version of Windows XP. In addition, more than 10 percent of computers used in government and businesses globally still use XP, one estimate said. About 95 percent of the 211,000 ATMs owned by financial institutions use XP, another estimate showed.
But law firms are concerned about privacy, and are often a target for hackers. InsideCounsel reported in 2012 how law firms were a “prime target for hackers seeking to access valuable confidential information, such as documents related to upcoming mergers and acquisitions or litigation.”
When it comes to law firms, there are some risks, too, with support ending for XP, according to statements provided to InsideCounsel by Sergio Galindo, general manager, Infrastructure Business Unit, at GFI Software.
“When we talk about the potentially imminent threats for law firms using XP, it’s the holes that will be identified by Microsoft for the other platforms,” he said. “And those holes, just because they’re the same code base, often have the same vulnerability in XP. So basically we’re telling the thieves how to get in the house, and we’re not going to lock the front door.”
In addition, he said the holes will “continue to build up.”
“Used to be, I found a problem and Microsoft would fix it. Now we’re saying, find a hole, and then another hole next month – it’s a problem that grows the longer you wait – it doesn’t have a fix,” he explained. “The other issue they have is the third-party products that run on top of the operating system. XP is the foundation, and yet it has holes in it, but the programs you run in your office may not be supported on an unsupported platform. So now you take the next step – if there is a core business application that I need for my business, and it’s running on XP – that may not be supported. The worry is over that combination of: holes being identified; holes building up; and dependence on third-party products.”
There are also some issues unique to law firms. Here is one question that law firms need to think about: “if you know about an issue, and you don’t fix it – are you responsible?”
“Firms are often involved in confidential information, and that information – and that trust – is something that’s important to them,” Galindo said. “Everyone gets notice(s) from (credit card and other consumer/financial) companies about resetting passwords, for example. Credit card companies will remove charges from accounts when there’s a breach. For law firms, if someone gets hold of information – how do you repair that? Credit card violations are ‘fixable’ – because firms deal in information; it’s unclear how you repair violations of information as law firms would likely face. So law firms do need to be a bit more sensitive because they have access to confidential information and it’s not easily fixed. That, coupled with the awareness of the problem, makes this a serious matter for firms.”
GFI does offer some products that can help. It provides reports in products that identify hardware and software that are running on XP machines.
“We want to help you get off that,” Galindo said. “We have software that helps IT administrators identify both hardware (is your engine powerful enough to run Windows 7 or 8?) and software (so when you move to a new machine, make sure you understand what you need to move).”