February 6, 2014
Guidance from GCHQ suggests that Windows XP is no longer secure
Working from home to avoid the tube strike or weather-related travel chaos? Well, the perils associated with working from home may be more complex than contending with poor time management, feelings of isolation and a propensity to gain weight and neglect personal hygiene. The UK’s Government Communication Headquarters (GCHQ) is advising that all public sector staff who are still using Windows XP at home should be denied access to networks. By extension we can conclude that it’s not safe for anybody to be running the old yet still commonplace operating system after Microsoft announced it was withdrawing support from the 8th April despite the fact that over a third of all PCs worldwide still use Windows XP.
The announcement follows advice last year from Germany’s equivalent of GCHQ, the Bundesamt für Sicherheit in der Informationstechnik (BSI) claimed that that even the most up to date Microsoft operating system Windows 8 had compromised security after it discovered that the National Security Agency had placed a ‘back door’ in it to spy on companies.
At the end of 2013, research from ICT consultancy Net Applications showed XP maintained as many as 38 percent of all Windows and Mac OS installations worldwide despite dating back to 2001. That proportion has been falling very slowly but nevertheless, Microsoft took the decision that from April of this year the remaining hundreds of millions of users of Windows XP would no longer receive security patches, updates or any kind of support.
The move has prompted the newly issued guidance from GCHQ which suggest that to cut risks for government organisations users should desist from using the system unless they have specific short term security measures in place or until it has been replaced. As well as suggesting the removal of network access from Windows XP devices, the guidelines suggest that remote workers should not use devices running Windows XP to connect with the network.