Security risks for those who stay with Windows XP SP2

Filed Under: Microsoft, Vulnerability, Windows

RIP Windows XP SP2
Tomorrow (Tuesday 13 July 2010) Microsoft will issue its last ever security patches for Windows XP Service Pack 2 (SP2).

The service pack, which was first released in August 2004, will no longer be supported by Microsoft after Tuesday meaning that users will no longer receive any security patches - regardless of how critical any discovered vulnerability may be.

Furthermore, it's not just Windows XP SP2 that Microsoft won't be updating - but your installations for Internet Explorer, Windows Media Player, Outlook Express and other Windows XP SP2 components also won't receive security patches if you're running that version of the operating system.

You may be wondering - "What's the problem? After all, Windows XP SP3 was released in 2008, and replaced SP2, right?"

Well, yes. It did. But recently published statistics suggest that an alarming 77% of organisations are running Windows XP SP2 on 10% or more of their PCs.

That's an awful lot of computers which may not be properly protected when a new vulnerability is discovered - and could potentially be vulnerable to a malware attack.

Microsoft would probably like you to update your computers to Windows 7, but that may be a tall order for many older PCs. If you're not ready for Windows 7, make sure you apply the free update to Windows XP SP3. Windows XP SP3 will be supported by Microsoft until at least April 2014.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley