Last Updated: 2015-06-27 21:36:05 UTC
by Guy Bruneau (Version: 1)
This week Computerworld  published a story about the US Navy still paying Microsoft millions to support Windows XP when support ended April 8, 2014  and soon Windows server 2003 will follow suit next month July 14, 2015.
Unless you are paying Microsoft to continue using legacy systems like WinXP, it is obvious that you would need to pay support to get patches and continue protecting you network against vulnerabilities that are no longer publically release to defend against potential compromised. This brings the cycle of modernizing custom applications used to support critical system that have been written on older platform and should have been part of a program to modernize, test and upgrade in time, to save million in support which I think in the end should save money. As an example, the Navy is paying a "[...] contract that could be worth up to $30.8 million and extend into 2017."
Are you still supporting WinXP because of legacy applications and is there a plan to migrate them over Win7/Win8? If not, how are you protecting these clients against exploitation?
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu