Last week you may have read that Microsoft ended extended support for the Windows XP operating system. You may be wondering why they did that and what it means for you.
XP was originally released in 2001, growing out of Windows NT. It has had a long life for an operating system and has been superseded by things like Vista, Windows 7 and now Windows 8.x. XP stopped shipping on desktops around 2008 and on laptops shortly thereafter.
Once a product is “end of life”, security updates are no longer released and, over time, vulnerabilities appear and the security risk of running that Operating System (OS) increases. XP has been widely adopted around the world and it exists on millions of systems. These systems include desktops, but also other devices such as lab equipment. You may not even know a device that you use has a built-in copy of XP.
Here at Queen’s we started identifying Windows XP systems many months ago. When people go through our portal, or our Active Directory we can identify their OS and ITS have been using this information to contact individuals and offer them assistance to update their systems. At Queen’s we have a campus agreement that allows individuals to upgrade their operating system at no additional cost, and there is also a home use license. There is a cost in the effort, and we provide that support. This has been very successful and we have updated many systems.
We know we have not captured all of the XP systems on campus and this is something we need to address. We do have the ability to do scans of the network, at a point in time, which will identify XP systems. This is something that we are looking at doing and then extending the offer to upgrade those systems, where possible. In some cases the hardware will not let us do an upgrade, and that brings up a new set of questions.
As time progresses the security exposures are going to get higher and we are going to need to look at this more prudently. We might decide to put systems behind firewalls, or we might decide to partition them from the network. In some cases we are going to have to retire these systems. The risk to other users on the network will become too high.
At the moment we do have the ability to partition systems from the network, based on their Operating System, but it is a time consuming, manual process. We are exploring new services that allow us to dynamically scan and partition devices based on a set of predefined and accepted parameters. Memorial University decided that, after April 8th, they will no longer allow XP systems on their network.
The end-of-life for Windows XP has brought these discussions to the forefront, simply because of the widespread use of that specific OS. There are also other computers or devices running outdated versions of Linux and Mac OS that have equal or higher risks and we need to address these. If you are still running XP, get in touch with the help center.