Starting in April, running Windows XP on a work or home computer will be risky
As of April 8, 2014, Microsoft will no longer support the Windows XP operating system. With that in mind, we strongly recommend that all computers, both Princeton-provided AND personally owned, that currently have Windows XP installed, be upgraded to supported Windows versions (i.e., Windows 7, Windows 8). We realize that for some older systems, upgrading may not be possible and may require the purchase of a new computer, but we firmly believe that countering the risk of running an unsupported operating system justifies the additional cost.
What is the risk of continuing to run Windows XP?
Basically, ALL systems have errors in their code, typically referred to as "bugs". As the bugs that are associated with a supported piece of software are uncovered, the vendor who provides that software will make available an update or "patch" that will address that bug. At the same time, the community of malicious hackers, upon learning of a bug, will write software that will exploit that bug. When you update your system with the vendor's patch, you are protecting your system and the data it holds against any code written to exploit the bug(s) being addressed.
When a vendor stops supporting a product, then any future bugs that are discovered will not be corrected by the vendor, so your system will continually be a target for attacks designed to exploit those bugs.
What can the exploitative software do?
It can do ANYTHING that an administrator can do on your system: read every file, delete files and software, change file contents, use your computer to attack other computers, use your hard drive to share copyrighted materials (e.g., movies, music, literature) with the world. etc. So, it doesn't necessarily matter that you may not have any confidential information on your system. Just being able to hijack your system may satisfy the attacker's needs.
How would any attackers find my system?
Easy. Your Windows XP systems WILL be found because there are programs running constantly that probe every device on the Internet to determine what it is running as its operating system. The probing program may immediately install malicious software onto the discovered system or save its address for future use.
And keep in mind - For your supported systems, patching quickly is critical
Just a reminder that any software you have, that is supported by its vendor, could easily be subject to the same attacks I have described above if you do not promptly update your systems when vendor patches are made available. So, when that bubble on your Windows system indicating that Windows updates are available, or when your Mac pop-up window tells you that Mac software updates need to be applied, please do so right away to keep your systems and data safe.