Still running Windows XP in 2013? Time is running out.

Posted February 6, 2013, 4:30 pm by Manville Chan

Image of Manville

Manville Chan

Windows XP is the most successful and popular Windows-based operating systems in history. At its peak, it was estimate that 400 million users were using the operating system world-wide. Even though Microsoft had ended the regular upgrades and improvements to Windows XP in April 2009, it was estimated that it still owned 20% of market share as of December 2012.

In less than 14 months from now, Microsoft will officially end the extended support of Windows XP. What this means is that Microsoft will no longer issue security update patches for this dated operating system that was introduced in 2001.

Although there’s no specific study in the retail market, we estimated that a sizeable number of retail POS systems and PCs are still running Windows XP. The end of this OS support will certainly impact the compliance status of retail merchants who are required to complete SAQ C and SAQ D. PCI Data Security Standard Requirement 6.1 stated that all system components and software are required to protected from known vulnerabilities by having the latest vendor-supplied security patches installed. Without Microsoft’s continuance in providing AutoUpdate, requirement 6.1 will no longer be compliant after April 8, 2014. 

The only practical solution for retail merchants is to upgrade their PCs and POS systems to run more modern operating systems such as Windows 7 or Windows 8. If using an existing computer, upgrading operating system is a time consuming task, since you will need to migrate data and reinstall all the software. Also be aware that you may also need to purchase new versions of needed software, as older software may not support your upgraded operating system.

If you have a POS, chances are that you are required to complete SAQ C or SAQ D. So, do not procrastinate, and start researching and planning for this required upgrade this year.

 
Filed under: Security Threats
Edited January 6, 2015 by
Listed in Communities: Our Site
Tagged as: PCI DSS windows xp


You must be logged in to post comments.