
As you may be aware, support for Windows XP (and Office 2003) will end on April 8, 2014 (more info here). This carries significant risks due to the potential of having a non-supported operating system in the environment, as well as additional risks of which your Microsoft team feels compelled to make you aware, including:
  • Security and compliance risk of running an unsupported OS
  • Impact on users in the event of critical support issues (including potentially critical impact to business / revenue)
  • Inability to run latest versions of Microsoft Office as well as 3rd party applications
  • Potential for license compliance risks related to downgrade rights
  • [Optional - for healthcare organizations] Significant business impact related to potential security breaches of PHI

What does End of Support mean to customers?
After April 8, 2014, there will be no new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates for Windows XP or Office 2003.

Running Windows XP SP3 or Office 2003 in your environment after their end of support date may expose your company to potential risks. You can find additional information about the risks of staying on Windows XP below, but I'd like to call out some alarming data points:

Cybercriminals "saving up" wave of Windows XP attacks for when Microsoft stops support
According to this article, many security experts are reporting that "Cybercriminals will unleash a wave of 'zero-day' vulnerabilities to attack Windows XP machines after April 8, 2014....Criminals will 'sit on' such vulnerabilities until that date to make more money from their exploits."

The Risk of Running Windows XP After Support Ends April 2014:
This recently published Microsoft Security Blog post outlines the reasons that Windows XP will become significantly more vulnerable after April 8th, 2014:
"The very first month that Microsoft releases security updates for supported versions of Windows [After April 8, 2014], attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP. Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a 'zero day' vulnerability forever. How often could this scenario occur? Between July 2012 and July 2013 Windows XP was an affected product in 45 Microsoft security bulletins, of which 30 also affected Windows 7 and Windows 8."

[Optional - for healthcare organizations] In the healthcare industry, you may be particularly interested in the Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security, which explores the reputational, financial, legal, operational, and clinical repercussions of a protected health information (PHI) breach on an organization, and provides a 5-step method - PHI Value Estimator (PHIve) - to assess specific security risks and build a business case for enhanced PHI security. I would suggest particularly reviewing the information in Chapter 4: Threats and Vulnerabilities.

Additional risks of Running Windows XP beyond April 8th 2014:
  • Security & Compliance Risks: Unsupported and unpatched environments are vulnerable to security risks. This may result in an officially recognized control failure by an internal or external audit body, leading to suspension of certifications, and/or public notification of the organization's inability to maintain its systems and customer information. The Microsoft Payment Card Industry Data Security Standard Compliance Planning Guide is designed to help organizations address the requirements of version 1.2 of this standard using Microsoft products and technologies. This guide is intended to extend the IT Compliance Management Guide, which introduces a framework-based approach to creating IT controls as part of your organization's efforts to comply with multiple regulations and standards.
  • Lack of Independent Software Vendor (ISV) & Hardware Manufacturers support: A recent industry report from Gartner Research suggests "many independent software vendors (ISVs) are unlikely to support new versions of applications on Windows XP in 2011; in 2012, it will become common." And it may stifle access to hardware innovation: Gartner Research further notes that in 2012, most PC hardware manufacturers will stop supporting Windows XP on the majority of their new PC models.
  • Windows XP not supported for Office 2013: If your organization is planning to use Office 365 or Office 2013, please note that those both require that the client OS be Windows 7 or later. So having a large number of Windows XP devices could impact your ability to leverage the latest software and tools which would otherwise be beneficial to your organization.
  • Limited Ability to Downgrade OS on new PCs: [Optional Section for companies who do not have Windows Client SA] < company name > currently purchases all new PCs with the current version of Windows preinstalled on each PC by the OEM. For Windows licenses acquired through an OEM, you may downgrade to the two prior versions (N-2) of the licensed Windows edition. This means that as long as the OEM PCs are shipping with Windows 7 you have the option to downgrade those PCs to Windows XP, but once those PCs no longer ship with Windows 7, you will only be able to downgrade them to Windows Vista or Windows 7.
Additional business justification for upgrading from Windows XP to a supported OS:
  • IDC whitepaper: Mitigating Risk: Why Sticking with Windows XP is a Bad Idea
    "IDC's analysis shows that supporting older Windows XP installations, compared with a modern Windows 7-based solution, saddles organizations with a dramatically higher cost. Annual cost per PC per year for Windows XP is $870, while a comparable Windows 7 installation costs $168 per PC per year. That is an incremental $701 per PC per year for IT and end-user labor costs." "The conclusion is simple: Organizations that continue to retain a Windows XP environment not only are leaving themselves exposed to security risks and support challenges but also are wasting budget dollars that would be better used in modernizing their IT investments."
  • Forrester whitepaper: Total Economic Impact of Windows 7
Beyond upgrading to a supported OS, there are significant benefits to getting current with the latest versions of Windows and Office. Windows 8 and Office 2013 offer more flexibility to empower employees to be more productive, while increasing operational efficiency through improved PC security and management. They also enable your organization to take advantage of the latest technology trends such as virtualization and the cloud.
For example, with Windows To Go, you can allow users to run the latest version of Windows on users' existing PCs by providing your corporate image on a USB Drive, avoiding the need to buy new hardware or perform a full install on remote systems.

Your Microsoft team would like to partner with your team to help ensure that < company name > is fully migrated from Windows XP and Office 2003 well before April 2014, and that you are using modern desktop technologies, like Windows 8 and Office 2013, which are proven to be much safer and more cost effective to operate. We can offer significant resources to help you plan your successful migration, including:
  • Onsite Resources to help with upgrade & deployment planning (at no charge to < company name >)
  • Architectural Design Sessions (onsite or at our Microsoft Technology Center, at no charge to < company name >)
  • Technical Briefings and Tips and Tricks to help with knowledge transfer (at no charge)
  • Formal Training and In-Depth Workshops through Premier or training Partners
In the event that you do not expect to complete your migration prior to April 2014, Microsoft does have a Custom Support option available, but this should be a last resort, as the cost of supporting Windows XP in the first year of Custom Support will be from $200-$500/PC. We would like to do everything we can to help you migrate by the end of support deadline to avoid this costly option.