I would not be surprised if there were black hats out there sitting on exploits they've discovered, waiting until *after* April to release malware that takes advantage of them.


Andy Ingraham Dwyer
Infrastructure Specialist
State Library of Ohio
274 E. 1st Avenue
Columbus, OH 43201
Tel: 614-644-6849

Please contact my supervisor with any feedback regarding my customer service.

-----Original Message-----
From: Code for Libraries [mailto:[log in to unmask]] On Behalf Of Justin Coyne
Sent: Saturday, March 01, 2014 8:35 PM
To: [log in to unmask]
Subject: Re: [CODE4LIB] Windows XP EOL

They won't be a security risk on April 8th, but the first time that MS publishes security patches after that date for newer version, security researchers will examine the patches.  Doing so will give them an idea about how to exploit the problem the patch was for.  They will then try to run the exploit on XP and see if it is vulnerable. Eventually they will find an exploit that works against XP.

Even if you have a AV, people can exploit your machine without using a virus.  Is that a risk you want to accept?


On Sat, Mar 1, 2014 at 4:59 PM, Jimm Wetherbee <[log in to unmask]> wrote:

> Just because MS won't support XP any more doesn't mean those machines 
> are instantly useless or a security risk come April 8th.  We will not 
> be doing anything with our lab computers until Summer because they are 
> too old to run Windows 8 but we cannot do without them.
> --jimm
> On Sat, Mar 1, 2014 at 5:28 PM, Riley Childs <[log in to unmask]
> >wrote:
> > Hi,
> > I wanted to hear how people are dealing with the Windows XP 
> > End-of-Life (if anything at all :(
> >
> >
> > Personally I am migrating the computers that can run it to Windows 8 
> > (we ran out of 7 licenses and someone (years ago) bought SA, but 
> > that's
> another
> > story), and when April 7th comes around: throw anything we can't use 
> > away (sigh).
> >
> > Riley Childs
> > Student
> > Asst. Head of IT Services
> > Charlotte United Christian Academy
> > (704) 497-2086
> >
> > Sent from my Windows Phone, please excuse mistakes
> >
> --