According to reports in The Daily Telegraph today over 3/4 of British businesses are running Windows XP, the operating system that Microsoft moves to “end of life” status next week.
The headline is obviously misleading. 77% of UK businesses using XP isn’t anything like 77% of British business PCs using the old OS which estimates within the article put down at around 13%. There is also a heady whiff of “survey done for PR purposes” about the whole piece.
What it does make me think, though, is that with the remainder of devices left on the old OS increasingly in niche tasks, is there really any greater risk of security from not migrating?
My hunches are based on two assumptions:
Firstly that if a company still has Windows XP knocking about the place, then what are the chances it is meticulously keeps those devices patched and up to date? My guess would be that many of the remaining XP devices are already horribly out of date and so therefore won’t be any less secure next week or beyond than they are already.
But the second assumption is that many of those XP devices will be being used for non-PC type applications, where they aren’t connected to the full, internet-connected network. To be frank, if say something like the bank ATM network is generally connected to the general PC network of your average financial institution, there are far bigger worries than an old operating system that should be being examined. Is every cash register using XP similarly at risk because of being on a major business network? I’d be surprised…
I’ve no doubt that there are some security concerns for the remaining XP machines in circulation, but I wonder now if we need to keep in mind that not all “PCs” are created equal.