Drives and Controls Magazine
End of Windows XP support leaves users vulnerable to attacks
Published:  22 April, 2014

Many thousands of industrial users of the Windows XP operating system could be vulnerable to cyber-attacks following Microsoft’s decision to end official support for the system from April 8, 2014. Since that date, the company has stopped issuing security updates and providing technical support for the 12 year-old operating system.

The analyst IHS is warning that without the ongoing security updates to protect their systems from attacks, users could be exposed to new threats that exploit vulnerabilities in the operating system. “Such threats exist to industrial automation equipment operating on Windows XP – perhaps, most notably, industrial PCs (IPCs) and distributed control systems (DCS),” it says.

According to Microsoft, PCs running Windows XP “should not [now] be considered to be protected, and it is important that you migrate to a current supported operating system.”

IHS points out that as the longest-supported Windows operating system, XP is most widely used in industrial automation, which means that potential issues arising from the discontinued support could affect a large number of end-users.

Since Microsoft announced in 2007 that it would end support for Windows XP in April 2014, many end-users have upgraded to more modern operating systems that will continue to be supported. Larger companies – especially those driven by IT departments – were typically more proactive in making advance preparations to upgrade early, says IHS. In contrast, smaller companies – those that may be less driven by IT – have delayed upgrades until absolutely necessary, with many yet to convert.

IHS believes that the impact on the industrial automation equipment market will be fairly modest, but warns that a large stock of older equipment with basic flaws in its security architecture remains that could prove to be a problem.