JRB - Fotolia
It might seem crazy for an organization to still use Windows XP, but the elderly operating system is hanging around at many companies. The mere presence of Windows XP is bad enough, but what's even worse is that many of the machines aren't current with the latest Windows XP patch.
Windows XP is a dead OS, so Microsoft doesn't release Windows XP patches anymore. Unpatched machines connected to the network go without necessary security updates and can act as a portal for hackers and malware, but there is a way IT administrators can continue to patch and secure Windows XP machines until 2019.
Microsoft has a sister version of Windows XP called Windows POSReady 2009. It's an operating system for point of sale machines such as credit card readers, and its core is based on Windows XP Service Pack 3. Admins can make a simple change to the Windows XP registry to make XP think it's POSReady 2009, and it will continue to receive patches.
Windows XP patch hack
The hack is simple: Add a DWORD of <1> into the registry hive KEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady, and Windows updates start flowing again.
This hack only works with 32-bit versions of Windows XP, but 64-bit versions are rare. If an organization does have a 64-bit version, there is a method to get updates, but it is risky because the updates aren't tested on regular XP systems. Microsoft does not support either hack for getting continued Windows XP patches.
Using the registry edit to trick Windows XP into thinking it's Windows POSReady 2009 can improve security for organizations that can't move off Windows XP. Some shops simply can't make the transition from Windows XP to another operating system, whether it's because a legacy application won't run on a newer OS or there's no budget to upgrade. And although this tweak isn't supported by Microsoft, the security risks associated with not patching networked and internet-connected Windows XP systems are too great to not take any action. All it takes is for one user to click the wrong link or open a bad email attachment and not only is the unpatched Windows XP system infected, but the entire network is put at risk.
This registry hack is not the only option available to shops that still run Windows XP, however. Admins can turn to application virtualization, web-based applications or third-party products such as Sphere 3D's Glassware 2.0.
Regardless of the method they choose, IT administrators need a set plan to rid their networks of Windows XP or at least patch the machines that still run XP using the registry entry. Admins should also ensure that they're following other industry best practices on these endpoints, including implementing strong malware protection, data loss prevention, and proactive logging and alerting tools. If admins decide to ignore the security problems of sticking with Windows XP, they might be responsible if there's a security incident or confirmed breach.
Guide to a post Windows XP world
Why did Windows XP stick around so long?
User risk with Windows XP