The coming XPocalypse and five things Microsoft can do to prevent it

It is in Microsoft's best interests, as well as those of their customers, to take some steps to prevent the XPocalypse.
Written by David Gewirtz, Senior Contributing Editor

Unlike the Mayan nonpocalypse, which was predicted by everyone but the Mayans, we know that April 8, 2014 will be an XPocalypse of epic proportions -- and even Microsoft agrees on the year, month, and day.

In fact, it's Microsoft that set the date. April 8, 2014 is the date that millions of computer users worldwide will become completely unprotected targets of criminals, ne'er-do-wells, evil dictators, and Apple ads. April 8, 2014 is the date that Microsoft stops supporting Windows XP.

First, let's establish a basic given.

Any corporation has a right to do whatever they want with their products. Over the past year, we've seen Microsoft exercising that right in the extreme.

They introduced Windows RT and the Surface RT, then went on to write down $900 million due to unsold RT devices (in my opinion, RT stands for wRong Turn). They introduced Windows 8 without a Start menu, when every Windows user on the planet has been using a Start button for more than a decade and that's how it works. They included Office on the Surface devices, but the license wouldn't allow Office to be used in offices.

They introduced the Xbox One and then they alienated every Xbox user on the planet by telling people they couldn't sell used games. They then decided to alienate every serving member of the U.S. armed forces by insisting all Xbox Ones would need a persistent Internet connection. They quickly backpedaled on that one. I'm guessing no one wanted the Marines pissed at them for any length of time.

There's more, of course, but it makes me just want to write "WTF" on Steve Ballmer's very slopey forehead. The point is, corporations can do whatever the heck they darn well want to do, and Microsoft has shown its innate understanding of that fact while also showing a complete lack of understanding of its customers' needs and desires.

So anyway, here we are. Our own Ed Bott says there are roughly 1.5 billion PCs out there, and 33.66 percent of them run XP. That means that there are just about 500 million machines out there currently running XP. Still.

Think about it. 500 million exceeds the entire population of the U.S. (babies, kids, adults -- everyone) by a large margin. Clearly, that number will decline organically over time. However, it is unlikely to decline fast enough to protect the hundreds of millions of users who are about to become a truly target-rich environment for attackers.

Who are these users?

They're the people who don't want to learn a new OS. The people who don't want to buy new machines. The people for whom XP is good enough. The people who aren't technically savvy enough to upgrade their operating system. The people who have some legacy application they must run on an old XP environment and don't know how to make that work on a modern OS. The people who are just simply too lazy to upgrade and those who don't think the security problem is a real enough threat to them to justify doing anything.

In other words, we're looking at a population of defenseless, self-identifying sheep in a world where there are hungry wolves 200 milliseconds away.

We don't know exactly how "no support" will take form, but it's likely that Windows Updates won't work anymore. So, not only will no new exploits be fixed, but it's entirely possible that machines that haven't been updated prior to April 8, 2014 won't be able to be updated to the final patch level for XP.

If you don't think that cybercriminals have marked April 8, 2014 on their calendars with a big star, you're crazy. If you don't think they're holding back on launching some of their bigger exploits until after the patching ends, you're naive. For cybercriminals intent on skinning our 500 million sheep, April 8, 2014 is D-Day.

By abandoning XP on April 8, 2014, Microsoft will cease being a good shepherd of its most loyal customers. Microsoft is just leaving them out there, exposed, and unprotected. On April 8, 2014, those millions of remaining XP users will be like lambs being led to the slaughter. To paraphrase Jeremiah 11:19, they do not know that plots have been devised against them.

The risk to Microsoft

There's no doubt Microsoft has been trying to move consumers off of Windows XP since the early Vista days. As Ed's chart shows, the company has been moderately successful, in that Windows 7 usage as a percentage of all PC operating system usage now exceeds XP 45 percent to 33 percent.

There's also no doubt, as I discussed above, that Microsoft has the right, like any company, to abandon its XP users, especially since it really has spent more than half a decade trying to get them to move on.

But having the right to do something doesn't mean it's right to do something. And it also doesn't mean that there won't be unintended consequences. Here's one example.

If you think Microsoft has gotten bad PR for the Surface RT and how buyers confuse it with a real Windows machine, you haven't seen anything yet when it comes to abandoned Windows XP users.

What happens when families start losing their entire life savings because their XP machines were hacked? Up until now, you could point your fingers at the users and blame them for not upgrading. But once upgrading is unavailable, it's inevitable that Microsoft will get blamed. The bad PR for Microsoft and the stories of Microsoft's security failings will be epic.

It is therefore in Microsoft's best interests, as well as those of their customers, to take some steps to prevent the XPocalypse.

Five things Microsoft can do to prevent XPocalypse

I promised you five things Microsoft can do, and here they are:

1. Build a final, ultimate roll-up XP service pack: This is probably the easiest and most practical. Today, we can download roll-up service packs and apply them outside of the Windows Update process. Just as soon as Microsoft finishes their last patches for XP, they can create a downloadable SP4 and make it available on their Web site in perpetuity.

2. Keep patching XP for XPloits: We know how desperately Microsoft wants to move on, but if they do, XP will continue to be subject to ever-worsening exploits. The company has roughly $77 billion in annual revenue and almost 100 thousand employees. If they can devote an entire team to the universally-hated Bing Bar, they can keep a small team of dedicated security patchers updating XP and keeping their laggard customers safe.

3. Offer another great Windows 8 upgrade deal: Back when Windows 8 was launching, Microsoft offered a $39.99 upgrade deal to Windows 8. Now, however, if you want to upgrade an XP machine from XP to Windows 8.1, you're going to pay a minimum of $119.

Microsoft could encourage XP upgrading by creating a perpetual $39.99 upgrade pack for XP users. They can certainly detect XP and if the user is upgrading from XP, make it inexpensive to do so. If Microsoft wants to encourage XP users to move on, this is a great way to do it. After all, the cost of goods for those extra Windows 8 bits approaches zero.

4. Give senior citizens free upgrades to Windows 8: Seniors are most at-risk in the XP world. They're the least technology savvy and they have the most to lose. Given that many are on a fixed income, they are also the most likely to look at the upgrade cost for either a new PC or a $119 copy of Windows 8.1 and think the options are too expensive.

Granted, there would be some cost to Microsoft. But imagine the good press they could get -- while at the same time supporting brick and mortar retailers. Microsoft could do a promotion (and promote the heck out of it for the good PR) telling seniors to go into Office Depot, Staples, or Best Buy, show ID, and walk out with a free copy of Windows 8.1.

Given that these folks wouldn't be buying 8.1 anyway, Microsoft would gain new users, reduce its support headache, and look like it really does care about users.

5. Listen to users and press: I know this is hard for those remaining Microsoft executives who haven't jumped ship, but their customers and those of us in the tech press have been around the block a few times.

We know how users will react and what the press will write. We knew Microsoft would get panned for the lack of a Start menu way before Windows 8 went golden master. The company ignored us, the Windows 8 launch was a disaster, and Microsoft is finally adding a Start button to Windows 8.1.

We knew the Surface RT was going to be a dog. The company ignored our accurate predictions, and wound up taking a $900 million write-down on unsold inventory.

So, in the context of the XPocalypse, we know there will be bad fallout leaving 500 million or so users out in the cold as targets of predators. Microsoft may be able to prevent the worst of it by following one or more of the five items I've listed here.

Nah. They won't listen until after the nukes go off and the fallout from that latest of bad decisions covers the earth.

By the way, I'm doing more updates on Twitter and Facebook than ever before. Be sure to follow me on Twitter at @DavidGewirtz and on Facebook at Facebook.com/DavidGewirtz.
