Microsoft warns against hack that allows Windows XP updates

Microsoft has warned against using a hack that enables Windows XP to continue to receive security updates even though Microsoft officially ended support for the operating system in April.

A “simple registry tweak” allows those who have not migrated to a newer version of Windows to receive updates from Microsoft, according to Betanews.

The tweak pulls in the updates Microsoft is releasing for embedded versions of the 13-year-old Windows XP, which Betanews notes would be “essentially” the same as the standard version of the OS.

But Microsoft has warned that Windows XP customers may face problems if they install the updates.

“The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers,” Microsoft said in a statement.

“Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP,” the statement said.

Security experts also warned that companies should be wary of the registry hack as it could potentially have an adverse effect on their environment.

“Microsoft will not be testing the patches on the full version of XP and so these updates could lead to downtime and have a negative effect on user experience,” said Andrew Avanessian, vice-president of global professional services at Windows privilege management firm Avecto.

“Another consideration is system bloat. XP machines will tend be to running on older hardware, which is most likely at the end of its life, and as number of the updates will not be needed it could result in increased disk footprint,” he said.

Several government have negotiated deals with Microsoft to extend support for Windows, giving them more time to migrate to a more modern operating system.

The UK government won an extra year with a £5.5m deal with Microsoft.

Security experts have urged all other users of Windows XP to migrate to newer operating systems or at the very least switch to a browser like Google’s Chrome or Firefox that is actively supported.

Avanessian said companies unable to migrate to Windows 7 or 8 should strongly consider removing unnecessary admin and power user rights.

They should also ensure staff members cannot implement the registry hack to reduce vulnerabilities to attack as much as possible.

When Microsoft ended support for Windows XP, the Information Commissioner’s Office estimated that 30% of all PCs were still using Windows XP.

Research by UK software firm AppSense indicated that around 77% of UK organisations were running XP somewhere in their IT estate.

While Gartner estimated that up to 25% of enterprise systems was still running XP, and that a third of large organisations had more than 10% of their systems still on XP.



Via: computerweekly

Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published. Required fields are marked *