DELL is showing off ”enterprise class” security for small to medium businesses with the launch of a SuperMassive 9800 next-generation firewall, which it claims will protect against high-profile bugs such as Shellshock and Heartbleed.
Touted as the most powerful in the fresh 9000 line-up, and sounding a little like a gang of rappers, the SuperMassive 9800 offers services such as advanced Deep Packet Inspection with speeds up to 20Gbps, and Dell’s patented Reassembly-Free Deep Packet Inspection (RFDPI) single-pass threat prevention engine.
RFDPI scans multiple application types and protocols to spot internal and external attacks and application vulnerabilities, Dell said, making it better at detecting attacks.
The SuperMassive 9800 is also bundled with Dell’s Global Management System 8.0, a tool designed to manage systems and offer real-time event monitoring, analytics and reporting from a single centralised dashboard.
Dell claims that this makes it easier to meet compliance regulations while managing and monitoring network security processes.
The firm claimed that the SuperMassive 9800 provides 97.9 percent “security effectiveness” and helps to protect customers from Shellshock and Heartbleed-level vulnerabilities.
“The recent disclosures of the ShellShock and HeartBleed industry-wide vulnerabilities demonstrate that organisations are literally a few well-formed packets away from infrastructure disaster, proving the need for instant and automated security scaled to meet the needs of the network,” said executive director of Dell Security, Patrick Sweeney.
“The SuperMassive 9800 provides that level of instant security on a flexible, feature-rich platform.”
Shellshock was uncovered in September, and some experts claim that it could be more serious than the Heartbleed SSL bug uncovered in April.
The Bash bug, as implied by its name, is a vulnerability that allows unscrupulous users to take control of Bourne Again Shell (Bash), the software used to control the Unix command prompt on some Unix-like systems.
Researchers at FireEye and Trend Micro warned later in September that hackers were still mounting cyber attacks across the globe thanks to exploits of Bash bug vulnerabilities, made worse by an unsuccessful patch.
Kwon Oh-hyun has said he is not worried about a price war in the semiconductor industry next year even though the firm is rapidly expanding its production volume.
“We’ll have to wait and see how things will go next year, but there definitely will not be any game of chicken,” said Oh-hyun, according to Reuters, suggesting the firm will not take chip rivals head on.
Samsung has reported strong profits for 2014 owing to better-than-expected demand for PCs and server chips. Analysts have also forecast similar results for the coming year, so things are definitely looking good for the company.
It emerged last week that Samsung will fork out almost $15bn on a new chip facility in South Korea, representing the firm’s biggest investment in a single plant.
Samsung hopes the investment will bolster profits in its already well-established and successful semiconductor business, and help to maintain its lead in memory chips and grow beyond the declining sales of its smartphones.
According to sources, Samsung expects its chip production capacity to increase by a “low double-digit percentage” after the facility begins production, which almost goes against the CEO’s claims that it is not looking for a price war.
Last month, Samsung was found guilty of involvement in a price fixing racket with a bunch of other chip makers stretching back over a decade, and was fined €138m by European regulators.
An antitrust investigation into chips used in mobile device SIM cards found that Infineon, Philips and Samsung colluded to artificially manipulate the price of SIM card chips.
RedHat has announced the Fedora 21 Alpha release for Fedora developers and any brave users that want to help test it.
Fedora is the leading edge – some might say bleeding edge – distribution of Linux that is sponsored by Red Hat. That’s where Red Hat and other developers do new development work that eventually appears in Red Hat Enterprise Linux (RHEL) and other Red Hat based Linux distributions, including Centos, Scientific Linux and Mageia, among others. Therefore, what Fedora does might also appear elsewhere eventually.
The Fedora project said the release of Fedora 21 Alpha is meant for testing in order to help it identify and resolve bugs, adding, “Fedora prides itself on bringing cutting-edge technologies to users of open source software around the world, and this release continues that tradition.”
Specifically, Fedora 21 will produce three software products, all built on the same Fedora 21 base, and these will each be a subset of the entire release.
Fedora 21 Cloud will include images for use in private cloud environments like Openstack, as well as AMIs for use on Amazon, and a new image streamlined for running Docker containers called Fedora Atomic Host.
Fedora 21 Server will offer data centre users “a common base platform that is meant to run featured application stacks” for use as a web server, file server, database server, or as a base for offering infrastructure as a service, including advanced server management features.
Fedora 21 Workstation will be “a reliable, user-friendly, and powerful operating system for laptops and PC hardware” for use by developers and other desktop users, and will feature the latest Gnome 3.14 desktop environment.
Those interested in testing the Fedora 21 Alpha release can visit the Fedora project website.
Intel has announced that it is sampling its Xeon D 14nm processor family, a system on chip (SoC) optimized to deliver Intel Xeon processor performance for hyperscale workloads.
Announcing the news on stage during a keynote at IDF in San Francisco, Intel SVP and GM of the Data Centre Group, Diane Bryant, said that the Intel Xeon processor D, which initially was announced in June, will be based on 14nm process technology and be aimed at mid-range communications.
“We’re pleased to announce that we’re sampling the third generation of the high density [data center system on a chip] product line, but this one is actually based on the Xeon processor, called Xeon D,” Bryant announced. “It’s 14nm and the power levels go down to as low as 15 Watts, so very high density and high performance.”
Intel believes that its Xeon D will serve the needs of high density, optimized servers as that market develops, and for networking it will serve mid-range routers as well as other network appliances, while it will also serve entry and mid-range storage. So, Intel claimed, you will get all of the benefits of Xeon-class reliability and performance, but you will also get a very small footprint and high integration of SoC capability.
This first generation Xeon D chip will also showcase high levels of I/O integrations, including 10Gb Ethernet, and will scale Intel Xeon processor performance, features and reliability to lower power design points, according to Intel.
The Intel Xeon processor D product family will also include data centre processor features such as error correcting code (ECC).
“With high levels of I/O integration and energy efficiency, we expect the Intel Xeon processor D product family to deliver very competitive TCO to our customers,” Bryant said. “The Intel Xeon processor D product family will also be targeted toward hyperscale storage for cloud and mid-range communications market.”
Bryant said that the product is not yet available, but it is being sampled, and the firm will release more details later this year.
This announcement comes just days after Intel launched its Xeon E5 v2 processor family for servers and workstations.
Intel is cooking up a hot batch of Xeon processors for servers and workstations, and system vendors have already designed systems that are ready and raring to go as soon as the chips become available.
Boston is one of the companies doing just that, and we know this because it gave us an exclusive peek into its labs to show off what these upgraded systems will look like. While we can’t share any details about the new chips involved yet, we can preview the systems they will appear in, which are awaiting shipment as soon as Intel gives the nod.
Based on chassis designs from Supermicro, with which Boston has a close relationship, the systems comprise custom-built solutions for specific user requirements.
On the workstation side, Boston is readying a mid-range and a high-end system with the new Intel Xeon chips, both based on two-socket Xeon E5-2600v3 rather than the single socket E5-1600v3 versions.
There’s also the mid-range Venom 2301-12T, which comes in a mid-tower chassis and ships with an Nvidia Quadro K4000 card for graphics acceleration. It comes with 64GB of memory and a 240GB SSD as a boot device, plus two 1TB Sata drives configured as a Raid array for data storage.
For extra performance, Boston has also prepared the Venom 2401-12T, which will ship with faster Xeon processors, 128GB of memory and an Nvidia Quadro K6000 graphics card. This also has a 240GB SSD as a boot drive, with two 2TB drives configured as a Raid array for data storage.
Interestingly, Intel’s new Xeon E5-2600v3 processors are designed to work with 2133MHz DDR4 memory instead of the more usual DDR3 RAM, and as you can see in the picture below, DDR4 DIMM modules have slightly longer connectors towards the middle.
For servers, Boston has prepared a 1U rack-mount “pizza box” system, the Boston Value 360p. This is a two-socket server with twin 10Gbps Ethernet ports, support for 64GB of memory and 12Gbps SAS Raid. It can also be configured with NVM Express (NVMe) SSDs connected to the PCI Express bus rather than a standard drive interface.
Boston also previewed a multi-node rack server, the Quattro 12128-6, which is made up of four separate two-socket servers inside a 2U chassis. Each node has up to 64GB of memory, with 12Gbps SAS Raid storage plus a pair of 400GB SSDs.
ZDNet’s Mary Jo Foley, citing unnamed sources, said that Microsoft will deliver a “technical preview” of Threshold late in September or early in October. Previously, Foley had reported that Microsoft would offer a preview of some kind this fall.
Threshold may be officially named “Windows 9″ by Microsoft — the company has said nothing about either the code name or labeled the next iteration of its desktop and tablet OS — although there are arguments for dumping a numerical title because of the possible association with Windows 8, which has widely been pegged as a failure.
“Technical Preview” is a moniker that Microsoft has used in the past for its Office suite. For both Office 2013 and Office 2010, Microsoft used the term to describe an invitation-only sneak peek. Both application suites were later released as public betas prior to their official launch.
Windows, however, has used a different nomenclature. For 2012′s Windows 8, Microsoft called the early looks ”Developer Preview,”"Consumer Preview” and “Release Preview,” all open to everyone. The first was analogous to an alpha, the second to a beta, and the third to a done-but-not-approved release candidate.
Windows 7, however, had used the more traditional “Beta” to describe the first public preview in early 2009. The previous fall, when Microsoft unveiled Windows 7, the firm had seeded an invite-only “pre-alpha” version, also dubbed a Developer Preview, of the OS to programmers and some influential bloggers.
Within hours, the Windows 7 Developer Preview leaked to file-sharing websites. Microsoft may have changed its practices for Windows 8, letting anyone download the first preview, because of the inevitably of leaks.
In an update to her blog of earlier today, Foley added that the “Technical Preview” nameplate notwithstanding, Microsoft would allow anyone to download Threshold/Windows 9 when it becomes available in the next few weeks.
If Microsoft does ship a preview soon and sets its sights on a second-quarter 2015 final release, it will have significantly accelerated the tempo from past practice. With Windows 7 and Windows 8, Microsoft offered its first previews 12 and 13 months, respectively, and the public beta 8 or 9 months, before launching the operating system.
Eight or nine months from September would be May or June 2015; that, however, assumes that the Technical Preview is of beta quality. The name itself hints at something less.
Microsoft appears eager to put Windows 8 behind it. It has stopped beating the drum about the OS and recently announced that it would not issue any additional major updates. Instead, the firm said last week, it will include improvements or new features in small packets using the same Windows Update mechanism that regularly serves security patches.
Kaspersky Lab has discovered an espionage network that successfully attacked government institutions, intelligence agencies and European companies.
The firm has dubbed the spy operation Epic Turla, and said that it is in no doubt about its capabilities.
“Over the last 10 months, Kaspersky Lab researchers have analysed a massive cyber-espionage operation which we call ‘Epic Turla’,” it said.
“The attackers behind Epic Turla have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies.”
Kaspersky said that Epic Turla used two zero-day exploits that affected Adobe and Microsoft software, along with some backdoor and social engineering tricks.
In particular, Kaspersky said a vulnerability in Windows XP and Windows 2003 – CVE-2013-5065 – termed a “privilege escalation vulnerability” is being used. “The CVE-2013-5065 exploit allows the backdoor to achieve administrator privileges on the system and run unrestricted. This exploit only works on unpatched Microsoft Windows XP systems.”
The use of this Windows XP flaw underlines the risk that the unsupported Windows XP OS poses. Kaspersky went on to explain that, once inside, attackers install their own rootkits and other malware tools and begin their surveillance.
“Once the attackers obtain the necessary credentials without the victim noticing, they deploy the rootkit and other extreme persistence mechanisms,” it said. “The attacks are still ongoing as of July 2014, actively targeting users in Europe and the Middle East.”
The attacks are just the latest in a long line of incidents that businesses need to be aware of as cyber attacks continue at an alarming rate.
In June the security firm Crowdstrike alerted the industry to Putter Panda, a cute-sounding but nasty piece of malware. That firm pointed an accusatory finger at China and charged it with espionage on the US and Europe.
Crowdstrike CEO George Kurtz said at the time, “China’s decade-long economic espionage campaign is massive and unrelenting. Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe.” Chinese authorities disputed this.
The report comes in the same week Hold Security reported uncovering a huge trove of 1.2 billion web passwords and login details that have been gathered by Russian cyber criminals.
The video game industry is at the mercy of a large scale advanced cyber attack campaign designed to steal source code, Dell’s security arm Secureworks has revealed.
Codenamed Threat Group-3279 (TG-3279), the attackers are thought to have been active since at least 2009, a Secureworks report claimed, insisting that information gathered from targeted hosts suggests that TG-3279 focuses on the collection of video game source code.
“[This is] to crack those games for free use, to develop tools to cheat at the games, or to use the source code for competing products,” read the report, which the firm said exhibits findings based upon Portable Executable (PE) compile dates, domain name registrations, collection dates of tools and the threat actors’ activity on message boards.
Dell Secureworks Counter Threat Unit (CTU) researchers said that during incident response engagements they found that the hackers carry out initial reconnaissance work on their intended victims before hitting them with an unknown attack tool or strategy.
“TG-3279 appears to perform reconnaissance on its targets via open source research and network scanning,” the report said. “It appears that TG-3279 uses a port scanning tool named ‘s’ and an RDP brute force tool named ‘rdp_crk’, which may be used to scan and exploit targets.”
Dell’s CTU researchers said that they have not discovered packaged exploits used by TG-3279 and believe that the threat actors rely on active “hands-on-keyboard” techniques to exploit targets. They also found evidence that, once in the network, the hackers work to steal system administrator rights while regularly updating their attack tools to ensure continued access to future games’ source code.
The nature of the attacks indicate that the hackers might be associated with the China Cracking Group and the Laurentiu Moon and Sincoder online hacker personas, Dell Secureworks’ report added.
One of the top three malware programs affecting businesses in the second quarter is a worm that takes advantage of the large number of companies still using Windows XP, Trend Micro has warned.
The worm, dubbed DOWNAD, also known as Conficker, can infect an entire network via a malicious URL, spam email, or removable drive. Windows XP is particularly susceptible to this threat because it is known to exploit the MS08-067 Server service vulnerability in order to execute arbitrary code.
DOWNAD also has its own domain generation algorithm (DGA) that allows it to create randomly-generated URLs. It then connects to these created URLs to download files to the system. Trend Micro said that around 175 IP addresses are found to be related to the DOWNAD worm and that these IP addresses use various ports and are randomly generated via the DGA capability of DOWNAD.
“During our monitoring of the spam landscape, we observed that in Q2, more than 40 percent of malware related spam mails are delivered by machines infected by DOWNAD worm,” said Trend Micro anti-spam research engineer Maria Manly in a blog post.
“A number of machines are still infected by this threat and leveraged to send the spammed messages to further increase the number of infected systems. And with Microsoft ending the support for Windows XP this year, we can expect that systems with this OS can be infected by threats like DOWNAD.”
The security company warned that spam campaigns delivering FAREIT, MYTOB, and LOVGATE payloads in email attachments are attributed to DOWNAD infected machines. FAREIT is a malware family of information stealers that download variants of the Zeus Trojan, while MYTOB is an old family of worms known for sending a copy of itself in spam attachments.
The other top sources of spam with malware are the CUTWAIL botnet, together with Gameover ZeuS (GoZ). Manly said CUTWAIL was actually previously used to download GoZ malware but now a malware called UPATRE employs GoZ malware or variants of ZBOT which have peer-to-peer functionality.
“In the last few weeks we have reported various spam runs that abused Dropbox links to host malware like UPATRE,” Manly said. “We also spotted a spammed message in the guise of voice mail that contains a Cryptolocker variant. The latest we have seen is a spam campaign with links that leveraged CUBBY, a file storage service, this time carrying a banking malware detected as TSPY_BANKER.WSTA.”
According to Manly, cybercriminals and threat actors are probably abusing file storage platforms to mask their malicious activities and go undetected in the system and network.
“As spam with malware attachment continues to proliferate, so is spam with links carrying malicious files. The continuous abuse of file hosting services to spread malware appears to have become a favoured infection vector of cyber criminals most likely because this makes it more effective given that the URLs are legitimate thereby increasing the chance of bypassing anti-spam filters,” she added.
Users must upgrade to a newer edition of Skype before those editions are put to pasture.
“We are going to retire older versions of Skype for Windows desktop (6.13 and below) as well as Skype for Mac (6.14 and below) over the next few months,” Skype said in a post last Friday.
Skype is a division of Microsoft, which acquired the chat and over-IP phone software company in 2011 for $8.5 billion.
Skype for Windows 6.13 shipped in January 2014, while Skype for OS X 6.14 reached users in February. Those versions, and any earlier, are the ones marked for retirement.
The current versions of Skype are 6.16 for Windows and 6.18 for OS X.
Skype did not spell out what it meant by “retire” in the blog post — whether the older software will simply not be supported or that only the most recent versions will work with the network — but Microsoft clarified the situation. “Once a version is retired, users will no longer be able to sign into the retired version until they upgrade to the latest version of Skype,” a Microsoft spokesperson said in an email reply to questions.
While Skype did not elaborate on why it’s pushing the older editions into retirement, it was reminiscent of moves that Microsoft itself has taken. In April, for example, Microsoft required customers running Windows 8.1, the upgrade released last October, to migrate to Windows 8.1 Update by June 10 or lose patching privileges.
Microsoft did the same with Internet Explorer 11 (IE11) on Windows 7, giving consumers until June 10 to apply an April update.
In both those cases, Microsoft said it was setting a “new servicing baseline” with the mandated editions.
The newest versions of Skype for Windows desktop and OS X can be downloaded from the division’s website.
The Internet Explorer Developer Channel, which can be downloaded for Windows 8.1 and Windows 7 SP1, runs independently of the user’s copy of IE, allowing programmers to test the newest browser features without disrupting their current browser settings.
The Internet Explorer Developer Channel will offer an early version of IE while it is still being worked on by Microsoft programmers. Developers can preview features planned for the upcoming editions of the browser to help them better build Web applications and pages that use the new capabilities.
Microsoft also hopes that developers will offer feedback, so the company can better implement the pending features.
The developer version offers a sandbox-like testing environment so it does not interfere with the user’s IE browser profile. The browser does not run as quickly as the standard edition of IE and because it is a beta version, should not be used in production environments.
With the test version, Microsoft is replicating the fast development environments used by other browser makers.
Mozilla offers nightly builds of the next version of the Firefox browser under development. Google also offers developer versions of its Chrome browser.
Microsoft plans to issue frequent updates to the test version of IE, announcing them through the DevChannel.Modern.IE developer resource site.
Microsoft’s browser also comes with F12 Developer Tools, designed to help debug and optimize Web pages and Web applications.
Malwarebytes has launched anti-exploit services to protect Windows users from hacking attacks on vulnerabilities in popular targets including Microsoft Office, Adobe software products and Java, a service which even offers protection for Windows XP users.
Consumer, Premium and Corporate versions of the service are available, and are designed to pre-emptively stop hackers from infecting Windows machines with malware.
“An exploit will typically first corrupt the memory of an application process, take control, then execute code,” said Malwarebytes director of special projects Pedro Bustamante.
“From the shell code it executes a payload that tells the exploit what to do and that in turn usually downloads malware from the internet and executes it. The final stage is usually where antivirus kicks in, when it’s being downloaded from the internet, and starts doing things like behavioural analysis to see if it’s malicious.
“We don’t care about that, what we do comes before then. We just look for exploit-like behaviour and block anything that looks like it at the shellcode or payload stages. We come into play before the malware even appears on the scene.”
The Consumer version of the anti-exploit service is free and offers basic browser and Java protection.
The Premium version costs $37.00 per user and adds Office and Adobe protection services as well as the ability to add custom shields to other internet-facing applications, like Messenger or Netflix.
The Corporate version costs$40.00 person user and offers complete anti-exploit protection and comes with Malwarebytes’ Anti-malware service and a toolkit for IT managers.
Bustamante explained that the technology is designed to help businesses and general web users defend against the new wave of exploit-based cyber attacks.
“Traditional security can’t deal with exploits. Every day we see people getting infected, even if they have the latest up-to-date antivirus readers, because of exploits,” he said. “This is why we care about the applications you run – Firefox, Chrome, Internet Explorer, Java, Acrobat [and Microsoft] Word, Excel [and] Powerpoint.”
Bustamante added that the service is doubly important for Windows XP users since Microsoft officially ceased support for the OS in April.
“We’re still seeing over 25 percent of our users running XP. For them this product is even more important,” he said.
“We see new zero-days if not every week, every month, and for XP users who are not getting any more patches from Microsoft this product will be essential.
“Every month Microsoft will be releasing security patches for newer versions of Windows. Every time Microsoft does this it’ll be a treasure map for hackers to find exploits on Windows XP.
“It’ll show them exactly where the vulnerabilities are, so every month will see an influx of new exploits targeting Windows XP.”
As Windows XP continued its descent into obsolescence, users who deserted the obsolete operating system shifted to Windows 7, not the newer Windows 8, more circumstantial evidence that commercial customers, not consumers, now drive PC sales.
Data from analytics vendor Net Applications showed Windows XP dropped one percentage point in user share last month, ending May with 25.3% of all desktop and notebook systems. It was the third consecutive month that XP shed one or more points of user share.
Most of May’s lost XP share showed up on Windows 7, which gained eight-tenths of a point to reach 50.1%, the first time the 2009 OS has reached that milestone. Meanwhile, Windows 8 grew four-tenths of a percentage point, ending with a user share of 12.6%.
For the first time, Windows 8.1 accounted for more than half of the combined user share of it and the original Windows 8.
The rise of Windows 7 had been predicted by researchers who have noted a temporary boom in personal computer shipments to businesses as they rushed to throw XP on the ash heap. IDC, for example, has said commercial sales of PCs have climbed by double digits this year compared to last, but that consumers sales have sunk by similar rates.
Net Applications’ statistics can be interpreted as proof of those trends, with Windows 7 — the standard corporate OS now that XP has waned — on the upswing at double the rate of Windows 8/8.1 because of the continued slump in consumer PC purchases. Most consumer-grade personal computers are now equipped with Windows 8.1.
In two of the last three months, Windows 7′s gains have outpaced those of Windows 8.
The latter also continued to flirt with comparisons to Windows Vista, the 2007 Microsoft failure: At the 19-month mark, Windows 8 was barely ahead of Vista’s share of all PCs running Windows.
Unless consumer PC sales pick up in a big way later this year, as some forecast or at least hope, or Windows 8 becomes acceptable to businesses, which virtually no one believes is in the short-term cards, Windows 7 will continue to gain ground as all traces of XP are slowly scrubbed from enterprises, a process that will take much of 2014 in the U.S. and longer elsewhere.
The Central Government Procurement Center issued the ban on installing Windows 8 on government computers as part of a notice on the use of energy-saving products, posted on its website last week.
The official Xinhua news agency said the ban was to ensure computer security after Microsoft ended support for its Windows XP operating system, which was widely used in China.
Neither the government nor Xinhua elaborated on how the ban supported the use of energy-saving products, or how it ensured security.
China has long been a troublesome market for Microsoft. Former CEO Steve Ballmer reportedly told employees in 2011 that, because of piracy, Microsoft earned less revenue in China than in the Netherlands even though computer sales matched those of the U.S.
Microsoft declined to comment.
Last month, Microsoft ended support for the 13-year-old XP to encourage the adoption of newer, more secure versions of Windows. This has potentially left XP users vulnerable to viruses and hacking.
“China’s decision to ban Windows 8 from public procurement hampers Microsoft’s push of the OS to replace XP, which makes up 50 percent of China’s desktop market,” said data firm Canalys.
Microsoft terminated Windows XP support on Tuesday when it shipped the final public patches for the nearly-13-year-old operating system. Without patches for vulnerabilities discovered in the future, XP systems will be at risk from cyber criminals who hijack the machines and plant malware on them.
During an IRS budget hearing Monday before the House Financial Services and General Government subcommittee, the chairman, Rep. Ander Crenshaw (R-Fla.) wondered why the agency had not wrapped up its Windows XP-to-Windows 7 move.
“Now we find out that you’ve been struggling to come up with $30 million to finish migrating to Windows 7, even though Microsoft announced in 2008 that it would stop supporting Windows XP past 2014,” Crenshaw said at the hearing. “I know you probably wish you’d already done that.”
According to the IRS, it has approximately 110,000 Windows-powered desktops and notebooks. Of those, 52,000, or about 47%, have been upgraded to Windows 7. The remainder continue to run the aged, now retired, XP.
John Koskinen, the commissioner of the IRS, defended the unfinished migration, saying that his agency had $300 million worth of IT improvements on hold because of budget issues. One of those was the XP-to-7 migration.
“You’re exactly right,” Koskinen said of Crenshaw’s point that everyone had fair warning of XP’s retirement. “It’s been some time where people knew Windows XP was going to disappear.”
But he stressed that the migration had to continue. “Windows XP will no longer be serviced, so we are very concerned if we don’t complete that work we’re going to have an unstable environment in terms of security,” Koskinen said.
According to Crenshaw, the IRS had previously said it would take $30 million out of its enforcement budget to finish the migration.
Part of that $30 million will be payment to Microsoft for what the Redmond, Wash. developer calls “Custom Support,” the label for a program that provides patches for critical vulnerabilities in a retired operating system.
Analysts noted earlier this year that Microsoft had dramatically raised prices for Custom Support, which previously had been capped at $200,000 per customer for the first year. Instead, Microsoft negotiates each contract separately, asking for an average of $200 per PC for the first year of Custom Support.
Using that average — and the number of PCs the IRS admitted were still running XP — the IRS would pay Microsoft $11.6 million for one year of Custom Support.
The remaining $18.4 million would presumably be used to purchase new PCs to replace the oldest ones running XP. If all 58,000 remaining PCs were swapped for newer devices, the IRS would be spending an average of $317 per system.