BOSTON (Reuters) - Microsoft Corp released its final security updates for Windows XP and Office 2003 on Tuesday as security experts warned users that they could soon be prime targets for cyber attacks if they do not abandon the products.
Security experts advise consumers and businesses to either replace computers running Windows XP or upgrade to modern versions of Microsoft’s software within the next month because they will no longer be protected from newly discovered threats after the middle of May.
Microsoft automatically rolls out new security updates on the second Tuesday of each month, which is known as “Patch Tuesday,” a day when they also publish technical details on the security bugs they are fixing. The next Patch Tuesday is May 13.
Security experts say they believe hackers will study that data and “reverse engineer” the May Patch Tuesday software updates to identify ways to attack computers running Windows XP, along with Office 2003, which will no longer receive patches from Microsoft.
“Attackers will use this as an accelerator. It’s an easier way to get at machines,” said Wolfgang Kandek, chief technology officer with cybersecurity firm Qualys Inc.
Microsoft wants users to move to more modern versions of the operating system partly because it has incorporated new security features into the software over the past decade that make it far more effective in thwarting cyber attacks.
The world’s largest software maker first warned that it was planning to end support for Windows XP in 2007, but security firms estimate that 15 to 25 percent of the world’s PCs still run on the version of the operating system that was released in October 2001.
Only about a third of the world’s 2.2 million ATMs which use the system have been upgraded to newer operating systems, according to NCR, one of the biggest ATM makers.
Reporting by Jim Finkle; Editing by Tom Brown