Sticking with Windows XP? Be prepared for 14 years worth of “I told you so”
According to recent reports from network security firm Vectra Networks, computers running versions of Windows prior to Windows Vista, are at an even greater risk of being affected by malware, through a security hole provided by Windows Print Spooler, created over than 20 years ago when malware threats were not nearly as aggressive as they are today.
If you are running Windows XP, the Windows Print Spooler is the operating system’s component that manages printers activity, and since it was designed prior to Microsoft’s heavy focus on security, the functions of the Windows Print Spooler do not include checking whether a printer driver is legitimate or not.
In layman’s terms, users who still run Windows XP on their computers are less likely to find official driver support for new hardware, which means that they may rely on third party drivers downloaded from less reputable websites. By this token, printer drivers downloaded from other websites that are not affiliated with manufacturers, may contain malware that would sneak past Windows XP’s Print Spooler, completely undetected, and able to run any kind of command, including ransomware.
Microsoft has made a considerable effort in securing its operating system towards modern cyber threats, since Windows Vista, but it wasn’t until Windows 8 and Windows 10 that Microsoft introduced a truly comprehensive core, built around security and encryption, with many new devices, including the Surface product line, designed to provide hardware-based security, built into the CPU, and designed to work with Windows 10’s OneCore.
While Windows XP usage is shrinking, with Windows 7 being the lead operating system, at 51%, the 14 years old operating system is still present in over 10% of computers worldwide, which is still double the users base of Apple Mac OS X El Capitan, representing 5% of global users. A 10% market share means a global-scale liability, when it comes to a 14 years old operating system, which is no longer supported, and that was never designed to address modern malware.
The Print Spooler vulnerability, although it has been addressed, isn’t likely to be the last, and users still running Windows XP should keep that in mind, especially as many of them still use it in the workplace.