Windows XP support will be available after April 8--just not for you

Microsoft is busy signing last-minute deals with big business to provide support for Windows XP after the deadline ends

On Tuesday night, the United Kingdom's Prime Minister, David Cameron, will go to sleep secure in the knowledge that his government's Windows XP PCs won't be hacked the next day. That doesn't mean you will.

Meet Microsoft's Custom Support for Windows XP, described as a last-ditch effort for big businesses to quite literally buy some more time to migrate from Windows XP to a more modern operating system. The U.K. paid 5.548 million pounds to Microsoft for an additional year of support to maintain critical and important security updates for Windows XP, Office 2003, and Exchange 2003. Otherwise, Microsoft plans to end support for Windows XP by April 8.

Microsoft has been warning about the demise of Windows XP support since September, 2007, and Custom Support will extract a heavy toll from businesses that were too slow to act: up to $5 million per year (according to a report from Gartner), negotiated on a custom, per-company basis. Last year, Gartner issued a report claiming that the prices could go as high as $200 per PC, per year. The firm called such prices "punitive".

"While many customers have already completed their migrations to a modern OS, some large customers with complex Windows XP deployments may not have their migrations complete by April 8," a Microsoft spokeswoman said in a statement. "To help those customers, we offer Custom Support for Windows XP as a temporary, last resort to help bridge the gap during a migration process to a modern OS, as the newest technologies provide the optimal chance to be and stay secure.  We are sure that our customers are taking the necessary steps to protect their customers."

But that still provides an out to those who can't facilitate a change. According to one report, for example, over 400,000 ATMs were running Windows XP earlier this year, owned by a variety of banks who no doubt can afford to pay for a support extension. In March, a month before the deadline, 27.7 percent of all PCs tracked by NetApplications ran Windows XP.

According to Microsoft, Custom Support requires an active Premier Support agreement, and customers should work with their Microsoft Account Representative regarding their Custom Support options for Windows XP. According to the company, Custom Support is designed for customers who need a bit more time to complete their Windows XP migrations, not as a way to extend life to an expired product. Customers must have a migration plan with quarterly deployment milestones and a project completion end date in order to be accepted into the Custom Support program.

And, to be specific,"there is not a consumer equivalent" of Custom Support, Microsoft confirmed.

Should consumers get the same break?

To date, Microsoft has given no indication that it will extend consumer support for Windows XP after the April 8 deadline, even though it has extended anti-malware support through July, 2015. After that date, any and all vulnerabilities found for Windows XP will live on forever, even though there are some avenues to keep your PC safe and protected after the deadline expires.

In some ways, the migration from Windows XP to a modern OS like Windows 8 could be considered painless: As the number of digital photos taken grows, for example, some users have moved to external hard drives and cloud storage to store data, solutions that transcend a specific operating system. Applications written specifically for Windows XP, however, will require tinkering and compatibility modes.

For some, there's the cost aspect: To run any Windows OS after Windows XP (ideally, Windows 7 or Windows 8), users will basically need to invest in a new PC, minus the monitor and printer. Given the relatively low cost of PCs, however, users can buy a new PC for a few hundred dollars.

A more interesting question would be this: If Microsoft instituted a pricey, last-minute, pay-to-delay solution, what would consumers be willing to pay? $20? $50? $100? $200?

If you run Windows XP, let us know what you'd be willing to pay in the comments below. Chances are you're out of luck, but if Microsoft is willing to maintain a database of patches for big business, maybe they'll throw a bone to the consumer procrastinators, too.

Join the CSO newsletter!

Error: Please check your email address.

Tags patcheswindows xpMicrosoftsecurityWindowssoftwareWindows 7operating systemspatch

More about CustomGartnerMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mark Hachman

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place