Microsoft's well-documented plans to end support for Windows XP have been causing quite a stir of late.

It's not surprising when you consider that the operating system (OS) is still one of the most popular around, with roughly 30 per cent of all desktop computers worldwide still running it.

Lifeline

XP's popularity and widespread use is most likely the reason that Microsoft has now thrown its loyal users a lifeline, offering antivirus signatures and security scanning through Security Essentials until 2015 to those who are currently unable to upgrade.

Does this mean that XP users can wait another year until they should upgrade? Realistically, no.

Waiting isn't an option

We would advise that companies should look to upgrade to a more recent OS as soon as possible, even in cases where hardware upgrades are not an option.

The main reason for this is that, regardless of Microsoft's offer of extended security support, the security model of Windows XP is ancient when measured against today's internet threats.

As a result, any newly discovered flaws in Windows XP will no longer be fixed, leaving systems extremely vulnerable. Attackers have had far more time to look for flaws in XP than they would have had with a younger system, and businesses still using this OS should take this threat very seriously.

Legacy systems and consumer attachment

Many companies are still using XP due to a large number of business automation and supervisory control and data acquisition (SCADA) software packages still failing to support anything else – in the happy case where producers of said software are still around and providing patches, that is.

Consumers, on the other hand, tend to stick with what they know in terms of user interface, and often seek to avoid software upgrade costs which are perceived as lacking palpable benefit. In other words, we're likely to be stuck with an ever-dwindling, but still significant, minority of XP users for a long time.

In instances where an upgrade is not possible at this time, companies stuck with legacy (bespoke XP) software should at least consider going down the virtualisation route.

Legacy hardware often makes it impossible to migrate to a newer version of Windows, but a virtual host will provide far more controls in terms of security, while also divorcing the system from legacy software, which is apt to fail.

Sandbox XP

IT Directors and business owners are free to choose the software and OS they see as the best fit for their business. Our advice, however, is to consider the cost implications of a potential security breach and upgrade to a more recent OS as soon as possible.

Any businesses that continue to run XP should run it virtualised, stripped to the bare bones with hypervisor-level security and on a separate subnet. In other words, stay safe and sandbox it.

  • Alexandru Catalin Cosoi is Chief Security Strategist at Bitdefender. Catalin Cosoi's work sets the agenda for the development of new security threat countermeasures.