From tomorrow, Tuesday 13th July Microsoft will no longer provide security updates or patches for computers running Windows XP SP2 or Microsoft Server 2000.  There will be no new security updates,  hotfixes, or Microsoft support options. Upgrading to Windows XP SP3 is free and will result in continued support and patching up until April 2014 but it is feared that many businesses will continue to use the unsupported versions leaving them open to various vulnerabilities that will never be fixed by Microsoft.

Installing service pack 3 may require testing and downtime for some organisations and it is believed that this would be an inconvenience that most companies will not put themselves through. Service Pack 3 does not add much in the way of functionality additions or features but it is classed as a critical upgrade.

Frank Fellows from Microsoft made the following statement;

“Customers are highly encouraged to migrate to the latest supported service pack which is the latest and most secure version of their product. Staying on a supported service pack is the only way to ensure continued access to security updates and the ability to escalate support issues within Microsoft.”

If you are still running Windows XP it is essential that you make the upgrade to Service Pack 3. This can be done either by switching on Automatic Updates or by downloading SP3 from the Microsoft website.

Developer Sean O’Neill has released code which he claims can emulate the encryption algorithm used by the popular VOIP program Skype which has users in excess of 500 million.

Skype, hit came back with the following statement:

Skype

“We believe that the work being done by Sean O’Neil, who we understand was formerly known as Yaroslav Charnovsky, is directly facilitating spamming attacks against Skype and we are considering our legal remedies.”

“Whilst we understand the desire for people to reverse engineer our pro tocols with the intent of improving security, the work done by this individual clearly demonstrates the opposite.”

O’Neill has refrained from publishing the full extent of his exploits and has decided to hold off until his presentation at the respected Chaos Communication Congress in December but has uploaded some of the code here.

An exploit for Windows XP that Google Engineer Tavis Ormandy made public last week is not actively being exploited Microsoft confirms. Machines running windows XP can be compromised by simply visiting an infected website. Microsoft have issued a Security advisory on it’s website and also made  a temporary fix available.

Two weeks ago Google made an announcement in which it stated that employees should no longer use the Windows Operating system and begin migration to either Linux or Apple.

As expected, Adobe Systems Inc. issued a security bulletin repairing 32 vulnerabilities in Flash Player.

Last Thursday Adobe released a security bulletin to patch no less than 32 vulnerabilities that in it’s popular Flash Player. These are quiet serious vulnerabilities and can allow an attacker to gain complete access to a users computer.

Adobe is recommending that all users with version 10.0.45.2 or below upgrade immediately to the newest version. They are also urging users of Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux to upgrade their software to Adobe AIR 2.0.2.12610.

More information on this bulletin can be found here on Adobe’s Website.