Windows XP security
The end of support for Windows XP could start a deluge of cyber attacks and malware infections on unprotected systems.

When Microsoft issues its final security update for Windows XP on 8 April, the millions of people and businesses still using Microsoft's most popular ever operating system will be left vulnerable to opportunistic hackers and malware coders.

It is estimated that over a quarter of all computers worldwide still run on Window XP. According to Net Market Share, the figure was as high as 27.69% last month.

Windows XP market share
Desktop operating system market share (March 2014). Net Market Share

While the majority of these come from China, systems still running Windows XP that are online are potentially endangering everyone who uses the internet, as XP users are essentially offering their computer as a platform to launch spam campaigns, disseminate malware or take part in distributed denial of service (DDoS) attacks.

Like 'breaking into a car with no alarm'

Switching to a newer operating system is relatively simple for consumers and home users. The challenge comes for those running large computer networks operating entirely on Windows XP.

Experts have warned that businesses, charities and other organisations still running the system face an "uphill struggle" in the months ahead, as even the smallest exploits will be targeted by hackers safe in the knowledge that Microsoft will not fix the problem with patches and updates.

Sergio Galindo, infrastructure business unit general manager at GFI Software, believes that potential holes for exploitation in the system will continue to increase significantly with each passing day.

"The potential holes for exploitation will continue to multiply over time and as such the cost of managing a Windows XP estate will rise very quickly," Galindo tells IBTimes UK, "both from a maintenance point of view, and also from potential exploits and lost productivity.

"For hackers, Windows XP is like breaking into a car with no alarm installed, it will be easy for them as all the potential exploits and vulnerabilities will be known from patches for other versions of Windows."

Steady flow of attacks

Cybercriminals are believed by some to be researching and hoarding exploits for XP in anticipation of the upcoming support deadline, but will not necessarily use them immediately.

"I think it is far-fetched to say that criminals will unleash a deluge of exploits," Rik Ferguson, vice president of security research at Trend Micro, tells IBTimes UK.

"Their interests are not served by flooding the market with a wide range of zero-day exploits at the earliest possible opportunity, the interests of the attacker are best served by using a steady flow of vulnerabilities over the remaining installed-base lifetime of Windows XP."

Sectors that could be significantly affected by the end of support include "critical infrastructure" like banks and hospitals.

'Guaranteed compromise'

Organisations still using Windows XP have been continuously reminded by Microsoft that they should upgrade to the latest Windows 8 operating system, or at the very least one that is still supported, like Windows Vista or Windows 7.

Microsoft has even offered a $100 instant rebate to US customers buying new computers to encourage them to trade up from XP.

The slow switch has led some organisations to seek continued support packages from Microsoft, including both the UK and the Dutch government, at a cost of millions. However, those unable to fork out the millions are set to be left high and dry.

"For businesses still running XP in any great quantity," Ferguson warns, "the migration will be a time-consuming project giving attackers several months to a year to trickle out the exploits with a regular consequence of almost guaranteed compromise."