XP has been out of support for 5 years. I get it, IT is hard and expensive, but you've had 5 years (and multiple years leading up to it) to find a solution. At this point it's your fault, not Microsoft's or your software vendor's.
XP is almost 18 years old. If you were running an 18 year old operating system in 2010, you'd have been running Windows 3.11 while everyone else is on Windows 7.
Running XP now is like running Linux Kernel 2.4 today.
If the computer in question is connected to any network, to keep it so out-of-date is simply irresponsible.
And yet attackers routinely make it onto “secure” networks and stay ahead of attack signature databases.
Other layers might save you, you hope, sometimes. It is still irresponsible. Most actively developed and diligently patched software is bad enough; after EOL it is beyond the pale.
The cost needs to be properly internalized so that getting owned really is more expensive than migrating legacy; today I’d have to agree with you that it isn’t.
More “let’s hate on Microsoft because it’s trendy” bandwagoneers. I guess the 25 year old vulnerability in bash was not a bad thing, eh? Or scp’s 35 year old vuln did not affect anyone? Come on, people. Stop acting like Microsoft is the only vendor worth criticizing
That's not what I took from the article at all. Here are the two points I got:
1. Microsoft is releasing a patch for Windows XP, which is odd because they no longer support it. This could indicate that a very serious vulnerability is about to be revealed - one which likely goes beyond XP itself.
2. There are still far too many computers running Windows XP. Doing so is a dangerous practice - especially if the device is networked - and keeps getting harder to justify.
A bad sign? Far from it. It's good that they're still supporting a vintage OS when it matters, even though Windows XP users really should have moved to better options (GNU/Linux, ReactOS, whatever) by now.
Actually, support for XP for POS terminals was terminated on 2019-04-09, that is, less than 2 months ago.
One may argue that a POS connected to the Internet would be a no-no, but the hack that enabled faking normal XP installs as POS devices to keep getting updates has been well known for years, and just a registry key away, so the number of connected XP/"POS" devices might well be much higher than expected.
>The saving grace for all of this is that computers running Windows 8 and up aren’t affected.
Burying the lede? The implication here is that all unpatched Windows 7 computers will be utterly pwned within 24-48 hours of that announcement - i.e. a week ago. That's way more serious than a Windows XP problem. Tons of people are still on Windows 7 - justifiably.
There absolutely is. A significant amount of software hasn't been updated to work on Windows 8/10. If you need a specific piece of software that only works on Windows 7, that is a perfectly justifiable reason.
I still own perfectly functioning hardware... but functioning only if the Windows 7 is running on it. Nobody made newer drivers: Intel didn't and Microsoft didn't. And the hardware is surely nothing obscure: it's the Intel chips.
For that matter, a significant amount of hardware hasn't been updated (or had updated support, rather) to work properly on anything newer than Windows XP! Linux has better support for some hardware than any Windows post-XP does.
