Hackers stockpiling Windows XP zero-days as EOL nears

Windows XP is nearing its end of life (EOL) – April 2014, after which Microsoft will stop providing any and all kinds of support. This means no new security updates, no non-security hotfixes, no technical content updates and no support whatsoever – free or paid.

Users and organizations still on Windows XP will have nowhere to go if their systems get compromised, as Microsoft will not be giving out any security updates whatsoever. This means that if a zero-day vulnerability is found in XP, it would stay a zero-day forever starting April 8, 2014.

“Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a “zero day” vulnerability forever”, warned Tim Rains, Director of Product Management at Microsoft TWC group in a blog post.

He further warned that organizations which are still on Windows XP won’t have any advantage over hackers and attackers who may find new zero-day vulnerabilities in Windows XP by reverse engineering security patches for Windows 7 or Windows 8, as Microsoft is never going to release those for Windows XP.

According to our sources from the underground communities, hackers have taken a back seat for now when it comes to revealing Windows XP zero-days as they want to take full advantage of the exploits when the support for the decade-old operating system officially ends. I interacted with three different hackers within the last 2 months and on each occasion, I was told that they were in possession of at least 5 zero-day exploits that they will use once the support ends.

According to one of the hackers, the second half of 2014 is going to be a ripe time for building huge botnets using Windows XP zero-days. This doesn’t sound too exaggerated considering that over 37 per cent of desktop systems as of July still use Windows XP.