Thursday, January 20, 2011

Enterprises: We'll run Windows XP even after retirement

Nearly half of the companies still using the nine-year-old Windows XP plan to keep running the aged OS even after Microsoft withdraws its support in 2014, a research analyst said today.

"IT just really, really likes the XP operating system," said Diane Hagglund, a senior analyst at Dimensional Research, which recently surveyed more than 950 IT professionals about their Windows and Microsoft Office adoption plans. "They say it's just that good, and don't want to mess with it."

According to Dimensional's poll, IT pros split on how they would handle the April 2014 retirement of Windows XP: 47% said that they would ditch XP for a newer Windows before then, while 48% claimed that they would continue using XP sans support.

Microsoft will stop supporting Windows XP after April 8, 2014 when it issues the operating system's final set of security patches.

The large number of companies that plan to keep XP on the front lines, even without support from Microsoft, stunned Hagglund. "It wasn't just very small companies saying this," she said, adding that the stick-with-XP movement was across the board.

"We're seeing a number of major financial services and manufacturing companies opting to continue running XP without support," said Hagglund. "And it's not a price issue. From the comments we did get, IT simply thinks it's a great OS, one that's still working for them."

For all their talk, enterprises don't plan on running XP forever, only for some time after the 2014 support cutoff. "I think six months or so after Microsoft ends support, they'll really quickly upgrade [to a newer Windows] as they realize the systems are vulnerable because they've not been patched," Hagglund said.

Microsoft has been pushing XP customers of all stripes, including enterprises, to upgrade to Windows 7. While Dimensional didn't ask IT professionals which operating system they were leaving behind, they are migrating to Windows 7 in increasing numbers.

More than a third, or 38%, of those polled said their companies have implemented a partial roll-out of Windows 7, up from 15% in January 2010, the last time Dimensional surveyed IT administrators and staffers.

Six percent of the companies have fully deployed Windows 7, a six-fold increase over the 1% who said the same back in January.

"What's really interesting here is that if you look at the numbers, they've almost exactly adopted according to plan," said Hagglund, citing figures from the migration schedules expressed in January of 2010.

"That's a real indicator that Windows 7 migration is going well," she added, noting that meeting the plan is the best enterprises ever do. "No one exceeds plans," she said.

On Thursday, Microsoft cited Windows 7's adoption pace as a big reason for its better-than-expected quarterly earnings numbers. "Companies [are] adopting Windows 7 ... at historically high rates," said Peter Klein, Microsoft's chief financial officer, during a call with Wall Street analysts. Microsoft's Windows division posted revenues in the third quarter that were up 10% over the same period of the year before.

The "kill switch" for Windows Phone 7 apps

Microsoft has acknowledged that it has tools in place to "take action" against Windows Phone 7 malware or offending apps.

This capability, which is also present in Google Android and Apple iOS, essentially lets Microsoft, via its Zune-based Windows Phone 7 Marketplace, unpublish an app or in some cases remove it from a phone if the software is deemed a dangerous-enough security threat. It was dubbed a "kill switch" by UK-based PCPro.com, which broke the story this week, based on an interview with Todd Biggs, director of product management for Windows Phone Marketplace.

Microsoft has created a highly automated app testing and certification process for Windows Phone 7 apps, and Biggs made clear the company expects that system to flag most instances of problematic code. But, he says, "Market Place is a complex operation and we need to have the capability for dealing with different situations."

As quoted in PCPro, Biggs clearly suggested the most common method of deactivating malware on the phone would be to simply yank the app from the online catalog. "[B]ut if it was very rogue then we could remove applications from handsets - we don't want things to go that far, but we could," Biggs says.

That would most likely be done when the phone automatically and periodically checks into the catalog for downloads and updates.

The first Windows Phone 7 handsets for the U.S. become available Monday, November 8, on AT&T and T-Mobile.

John Cox

Microsoft warns of new Zero-day attack affecting Internet Explorer 6, 7, 8

Today Microsoft released Security Advisory 2458511 to warn Internet Explorer users of a new zero-day attack that Microsoft has seen in the wild. It affects versions 6, 7, and 8, although Microsoft says that the default installations of IE8 make that version of the browser harder to exploit.

UPDATED: Security researchers at Symantec reported the attack to Microsoft and earlier today posted details. I'll summarize. Attackers built exploits specifically for the older IE versions, 6 and 7. They hacked otherwise innocent Web servers and added a page carrying the malware. They then sent e-mails to specific individuals within various organizations. When those individuals visited the page, the malicious page checked which version of IE they were using. If it was not IE 6 or 7, the victim saw a blank Web page. If it was, the page downloaded a Trojan that let the attacker deliver commands disguised as .gif files. The victim need do nothing but visit the Web page. The owners of the identified Web sites hosting the malware pages have been contacted and the files removed, but there's no telling how many more are still out there.

It is unlikely that a patch will be available by next week's Patch Tuesday, says Jason Miller, data and security team leader, Shavlik Technologies, Minneapolis, MN. However Miller says if Microsoft sees an uptick in this attack, he would expect Microsoft to release an out-of-band patch.

Microsoft explains:

"The vulnerability exists due to an invalid flag reference within Internet Explorer. It is possible under certain conditions for the invalid flag reference to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. At this time, we are aware of targeted attacks attempting to use this vulnerability."

IE 8 is less vulnerable due to "defense in depth protections" from its Data Execution Prevention (DEP) feature, which Microsoft says is enabled by default in Internet Explorer 8 on all supported Windows platforms. While Microsoft PR says that "the impact of this vulnerability is extremely limited and we are not aware of any affected customers," the security advisory also notes that black hats are trying to take advantage of the hole in the wild. It says, "At this time, we are aware of targeted attacks attempting to use this vulnerability."

Microsoft says that IE 9 isn't affected, but remember IE 9 isn't available for XP users, not even those who are using XP SP3, which Microsoft is still supporting.

While no patch is available yet, Microsoft has offered several workarounds including:

* Override the Web site CSS style with a user-defined CSS (that's not going to make a lot of Web developers happy).
* Deploy Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a utility that Microsoft says helps prevent vulnerabilities in software from being successfully exploited.
* IE7 users are urged to enable the Data Execution Prevention (DEP) feature, although this may cause conflicts with some browser extensions.
* Read e-mails in plain text.
* Set the Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones.
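The last workaround is easy to apply and easy to get wrong, so here is an added audit script (not from the article or the advisory) that reports whether the current user's Internet and Local intranet zones are actually at "High" with ActiveX controls and Active Scripting disabled. It assumes the standard IE zone registry layout, which the article does not list: zone 1 is Local intranet, zone 3 is Internet, CurrentLevel 0x12000 is "High", and per-action values 1200 (run ActiveX controls) and 1400 (Active Scripting) use 3 for Disable, 1 for Prompt and 0 for Enable.

```powershell
# Added audit example, not part of the article: verify the "High" zone workaround.
# Registry paths and values below are the standard IE security-zone locations (assumed,
# not taken from the advisory text). Run in the context of the user being checked.
$base  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zones = @{ 1 = 'Local intranet'; 3 = 'Internet' }
$HighLevel = 0x12000   # CurrentLevel value IE writes when a zone is set to "High"

function Get-ZoneLevelName([int]$level) {
    switch ($level) {
        0x10000 { 'Low' }
        0x10500 { 'Medium-low' }
        0x11000 { 'Medium' }
        0x11500 { 'Medium-high' }
        0x12000 { 'High' }
        default { 'Custom (0x{0:X})' -f $level }
    }
}

function Get-ActionState($value) {
    # URL action policy values: 0 = Enable, 1 = Prompt, 3 = Disable
    switch ($value) {
        0 { 'Enable' }
        1 { 'Prompt' }
        3 { 'Disable' }
        default { 'Not set' }
    }
}

foreach ($id in ($zones.Keys | Sort-Object)) {
    $key = Join-Path $base $id
    $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if (-not $p) {
        Write-Output ("{0}: zone key not found" -f $zones[$id])
        continue
    }
    $level    = [int]$p.CurrentLevel
    $activeX  = $p.'1200'   # "Run ActiveX controls and plug-ins"
    $scripting = $p.'1400'  # "Active scripting"

    # The workaround is only in place when the level is High AND both actions are disabled;
    # a user can sit at "High" and still re-enable either action through a custom level.
    $applied = ($level -eq $HighLevel) -and ($activeX -eq 3) -and ($scripting -eq 3)
    $status = if ($applied) { 'workaround applied' } else { 'NOT applied' }

    Write-Output ("{0}: level={1}, ActiveX={2}, ActiveScripting={3} -> {4}" -f `
        $zones[$id], (Get-ZoneLevelName $level), (Get-ActionState $activeX),
        (Get-ActionState $scripting), $status)
}
```

If the zones are locked by Group Policy, the effective values live under the equivalent HKLM path instead and this per-user check will not see them.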