Windows XP’s Lingering And Troubling Market Share

Market share numbers for February are out, and it looks like XP is set to die standing up with nearly a third of the global OS market in its grip. NetMarketShare numbers for the second month of the year indicate that Windows XP controls 29.53 percent of the desktop operating system install base.

Support for Windows XP ends on April 8, or 34 days from now. Windows XP will retain double-digit market share on the date that Microsoft ends support.

“While we can’t speculate on the reasons of individual users, our guidance has been and continues to be that both consumers and organizations need to move off of Windows XP as soon as possible to ensure that they have the latest security, mobility and productivity tools,” a Microsoft spokesperson told TechCrunch. In a blog post yesterday, the company announced a tool to assist people migrating off of Windows XP.

Why should we be worried about a subset of the PC market falling behind in terms of security? Well, as Ars Technica’s Peter Bright pointed out earlier today, people are going to get hurt:

And while Firefox and Chrome will both be supported on Windows XP beyond the end-of-life, the substantial number of people using Internet Explorer 6-8 is strongly suggestive that many of these Windows XP users are going to be using not just an unsupported operating system, but an unsupported browser, too.

Exploitation of these people is inevitable, and it’s hard to see this ending well.

It will be worse than you expect. I spoke to Wolfgang Kandek, CTO of Qualys, a cloud-focused security company. He detailed the process by which remaining Windows XP users will be left out to dry: As Microsoft continues to patch Windows 7 after it stops supporting Windows XP, it will all but lay out a roadmap of potential exploits for the older operating system. Why? Because, according to Kandek, 70 percent of Windows 7 exploits also impact Windows XP. So the bad guys just have to see what was fixed in Windows 7, and check whether it hurts Windows XP. Boom, new exploits at a fast pace.

According to Kandek, this won’t happen right away, but by June or July of this year the ball will be rolling.

Aren’t enterprise-level buyers of PCs moving their fleets to Windows 7? Yes, but at a measured pace it seems, given that Windows 7’s market share declined in February. Kandek’s firm estimates that by Death Day, 14 percent of enterprise PCs will still run Windows XP:

Screenshot from 2014-03-04 10_19_44

This is going to get messy. And no potential, future, “free Windows” is going to prevent millions of PCs from becoming incredibly open targets.