Windows XP End of Life (EOL)
Microsoft ends support for Windows XP and Office 2003 on April 8, 2014.
What does this mean?
Microsoft will no longer provide security updates or technical support for Windows XP and Office 2003. Computers running unsupported software have increased risk of cyber security threats, such as malicious attacks and data loss.
What should I do?
If you have not already replaced your Windows XP machines (or upgraded to a newer operating system -- for newer hardware only), you are strongly encouraged to take action as soon as possible. ITS recommendations are posted at http://www.hawaii.edu/technews/notice.php?id=245108
If you have questions or need assistance, please contact the ITS Help Desk at 956-8883, email firstname.lastname@example.org or call toll free from the neighbor islands (800) 558-2669.
If ITS detects a compromised Windows XP system, it may be blocked permanently until the operating system is upgraded.
If you absolutely MUST RUN Windows XP:
- Limit use of the computer to non confidential purposes - no credit card processing, no access to student or employee records, etc. unless absolutely necessary (e.g. part of your job responsibilities).
- If you must access confidential/sensitive information, do not browse to non-work related web sites, click on links in unsolicited emails, etc. Make sure your computer does not get infected/compromised.
- US-CERT recommends that you get rid of Internet Explorer (because it will no longer get patches). Install an alternative, current browser and make it the default. Windows XP comes with Internet Explorer but it only supports up to IE 8, making the security features of later versions unavailable.
- If the machine is being used to control laboratory equipment, it should not be used for routine email and web surfing.
- Air-gap or isolate on separate networks the XP devices in order to protect more modern machines from being attacked by compromised XP devices; you might consider leaving XP devices off the network completely if network and/or Internet access is not needed.
- Install the final Windows XP update so machines start their unsupported lives protected from the latest known vulnerabilities.
- Fully patch Microsoft Office if it’s on the machine to reduce the chances of it compromising the device.
- Uninstall unused third-party software. The older it is, the more likely it is to be vulnerable.
- Consider disabling or uninstalling browser plugins for third-party software, and set the browser to ask what to do with PDFs, etc., rather than opening them by default.
- Install up-to-date firewalls and anti-virus software.
- Keep the computer on a trusted network behind a NAT router, which acts as a hardware firewall.
Additional information from Microsoft:
"Support for Windows XP has ended
Microsoft has provided support for Windows XP for the past 12 years. But the time has come for us, along with our hardware and software partners, to invest our resources toward supporting more recent technologies so that we can continue to deliver great new experiences.
As a result, technical assistance for Windows XP will no longer be available, including automatic updates that help protect your PC. Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date. (If you already have Microsoft Security Essentials installed, you will continue to receive antimalware signature updates for a limited time, but this does not mean that your PC will be secure because Microsoft will no longer provide security updates to help protect your PC.)"
More information about the risks if you continue to use Windows XP: