Report Shows 18% of Small Businesses Still Using Windows XP

According to a new report, almost one in five small and medium businesses worldwide are exposed to major security risks as they are still using Windows XP after Microsoft ended support for the operating system.

The study was conducted over three months by antivirus software provider Bitdefender, and shows that businesses around the world, including the US, the UK, Australia, Germany, Spain and Brazil, still rely on the legacy Microsoft OS despite security concerns. Millions of malware attacks target companies every month and hackers try to steal confidential data by taking advantage of the system’s vulnerabilities.

Since the April 8 end-of-support date, enterprises that continue to run Windows XP are more vulnerable to cyber-attacks. Users of the operating system no longer receive new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates.

“A few weeks after the end of support announcement, a new Internet Explorer zero-day vulnerability turned into a permanent threat for XP users,” Bitdefender Chief Security Strategist Catalin Cosoi said. “That was until folks at Microsoft issued a patch that was made available for Windows XP users as well. However, this was an exception that shouldn’t make enterprises believe it will happen again, so the migration from XP is a must.”

The Bitdefender study also showed that 53.4 percent of the companies upgraded to the more secure system Windows 7 Professional. Only a small percentage of the analyzed SMBs are using other Windows versions such as 7 Home Premium, 7 Ultimate and Windows 8.1 Pro, while a few have also installed dedicated server products.

The most targeted company in the three-month analysis was a web marketing business that had to deal with almost 800 million malware attacks. Other SMBs in the top targeted industries include a metallurgy company in the US, a logistic services firm in the UK, an architects’ college in Spain, an Irish retail company and a fruit and vegetable store in Australia. 

Recent research also showed that 37 percent of SMB employees are working remotely or from home, increasing BYOD trends and security risks. At the same time, 17 percent of SMBs allow employee-owned mobile devices full access to the VPN.

The Bitdefender study was conducted from March to May 2014 on a sample of over 5,000 companies in areas such as retail, the medical, educational and industrial systems.