Cyvera TRAPS – Security Solution to Upcoming Legacy Windows XP

By Yiftach Keshet | October 31, 2013

Microsoft has announced that starting from April 8 2014 it will no longer support Windows XP. The motivation seems to be that an 11 years old Windows XP is much more vulnerable than its successors: Windows 7 & Windows 8. In fact, according to Microsoft attacks on Windows XP occur six times more than on Windows 8.

According to Tim Rains, Director of Microsoft Trustworthy Computing, ”Microsoft Windows XP was released almost 12 years ago, which is an eternity in technology terms. While we are proud of Windows XP’s success in serving the needs of so many people for more than a decade, inevitably there is a tipping point where dated software and hardware can no longer defend against modern day threats and increasingly sophisticated cybercriminals.”

The security derivative of the support cessation is quite significant. Microsoft will no longer release patches to Windows XP, which will pose a grave security problem to those who will stick to using Windows XP rather than upgrade the operating system.

To understand the risk impact we should consider the fact that about two thirds of malware developed for Windows 7, for instance, work well on Windows XP. This means that any security update released for Windows 7 has a 66% chance of being added to a list of fresh, never-to-be-patched security holes in Windows XP machines still in use.

Currently, of the estimated 1.3 billion Windows PCs in use globally, some 21% use Windows XP. Counting the PCs accessing the Internet, some 31% are Windows XP machines.

So apparently, the choice that stands before enterprises is either to upgrade, or enlarge their attack surface into inconceivable measures. As updating an entire machine environment is a complicated process we must assume that many of the current Windows XP users will reach April 8 with their XPs still alive and kicking. It is important to note that since many enterprises are mutually-related due to business relationships and chain supply, a Windows XP security gap in one of the enterprises could affect the entire corresponding ecosystem.

Cyvera offers a solution to this complication. More accurately, Cyvera can offer its customers immunity from these complication impacts in the form of Cyvera TRAPS Legacy – a TRAPS version, designated for Windows XP users.

Cyvera TRAPS are able to block and reveal any attack, without any prior knowledge of the attack (zero-days included). This means that by installing Cyvera TRAPS Legacy version on a Windows XP machine, the machine is protected from any new attack that targets vulnerabilities in Windows XP that will never be patched. From Cyvera’s point of view it is not different from any other successfully blocked zero day. The risks associated with the lack of Microsoft support for Windows XP do not apply to Windows XP machines that have Cyvera TRAPS Legacy installed on them.

Implementation of Cyvera TRAPS Legacy allows an enterprise to conduct its Microsoft OS updating policies according to its own needs and on its own pace without compromising security.