Jump to other news and events
Purdue signature

Faculty, staff urged to upgrade from Windows XP, Office 2003 by April 8 to dodge cyber hazards

Microsoft recently announced it will no longer issue updates to its Windows XP operating system or to Office 2003. Individuals who run either of these programs on personal or University-supported computers should upgrade their machines before April 8 to reduce threats such as malware and cyber-attacks.

Greg Hedrick, ITaP’s director of security services, says people who don’t upgrade or replace old systems are putting themselves and the University at risk, since nothing can protect an outdated computer against compromise over time. 

“We can predict that many cybercriminals will wait until after Microsoft stops releasing security updates to pounce on known Windows XP vulnerabilities because, after April 8, the payout from their exploits will spike,” Hedrick says. “This is a big concern from a security perspective. A compromised system can be used to attack other systems within and outside of Purdue’s network, and it also can be used to access confidential information, which puts the individual and University at financial risk.”

Even Microsoft’s Tim Rains, director of the company’s Trustworthy Computing group, predicts that the chance of malware infections for Windows XP users’ machines will increase by 66 percent after April 8.

To help reduce security risks, individuals using a computer for University business, or to store and access certain types of data, as outlined in Purdue’s data classification and handling policies, should do the following:

  • For departments with University-supported computers that run Windows XP or Office 2003, contact your local IT support staff for an upgrade.
  • For faculty and staff using personal machines to access Purdue's network, get upgraded via direct downloads for a nominal fee through OnTheHub, Purdue’s online software vendor.

Hedrick says there are other factors, in addition to security concerns, that should encourage individuals to upgrade. For example, once Microsoft stops issuing security updates for Windows XP and Office 2003, users also will no longer be able to call the company to receive free or paid assisted support for the software. Moreover, those who wish to leverage Microsoft’s latest software and tools on their personal machines, including Office 365 and Office 2013, must use Windows 7 or later.

Additionally, a recent industry report from Gartner Research says independent software vendors are unlikely to support new versions of applications on Windows XP. Gartner research further indicates that PC hardware manufacturers will stop supporting Windows XP on new PCs.

For more information, visit the following links:

Writer: Andrea Thomas, ITaP technology writer, 765-496-8204, thomas78@purdue.edu

Source: Greg Hedrick, director of information security services, 765-494-1875, hedrick@purdue.edu

Last updated: March 24, 2014