Palo Alto Networks Has Windows XP Users Covered

Scott Simkin


This week Microsoft ends support for Windows XP, and organizations will no longer receive security updates or patches for the still widely used operating system.

If we’re going by industry analyst Gartner’s estimate, 15 percent of midsize and large enterprises are still running Windows XP-based PCs on their network. This population of Windows XP users represents an appealing attack surface for Advanced Persistent Threats (APTs) and those looking to discover potential new vulnerabilities. In addition, there’s been enough attention paid to the Windows XP deadline that cybercriminals could have stored a backlog of zero-day exploits, taking advantage of unknown vulnerabilities, planning for the moment that XP systems will no longer receive regular updates from Microsoft. These threat actors can use these exploits to deliver malware, compromise networks and steal intellectual property.

But we’re here to tell you that Palo Alto Networks has Windows XP users covered.  We offer our customers multiple ways of protecting against known and unknown exploits, which could take advantage of unpatched vulnerabilities in the operating system. These ways include:

  • Discovery of unknown exploits with WildFire, which will continue to run Windows XP in a cloud-based malware analysis environment to execute suspicious files delivered over the network
  • Blocking known vulnerability exploits via Threat Prevention, regardless of port, protocol or encryption
  • Disrupting outbound command-and-control communication, which can be used by attackers to deliver malware to an exploited Windows XP system

The Palo Alto Networks security platform automatically develops protections against these known and unknown exploits, sharing them with all customers around the globe, and ensuring this shared intelligence will continue to protect customers from newly discovered attacks against Windows XP systems.

It is important to note that in enterprise security, there are no absolutes, and customers should continue to watch their network for Indicators of Compromise (IoCs) by malware infections, and pay special attention to the now-more-vulnerable Windows XP-based systems.

You’ll continue to see headlines about the end of Windows XP support and what it means for you. Security operations teams will need not only to be more vigilant, but also to continue to focus on the much more common exploitation of the common applications enterprises use every day.

Internet Explorer, Microsoft Office and Adobe Reader are all applications more commonly exploited than operating systems such as Windows XP, so you need an integrated system that is able to detect and prevent known and unknown exploits against each. That is exactly what the Palo Alto Networks security platform offers, discovering the telltale signs of APTs in all commonly exploited applications, across Windows XP and Windows 7.

For more:

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS