I recently heard that it’s commonly supposed the ‘bad guys’ are saving their potential exploits for Windows XP. It makes sense. After investing a lot of time in finding a weakness in the old operating system, why would you then put it out there just to have it fixed by Microsoft after a week or two, when you could simply sit on it for a few months after which it will be available forever?
It’s estimated that when XP’s support ends in April, one third of computers will still be running Windows XP. That’s a lot of potential targets for malware to infect.
It was also pointed out that a lot of vulnerabilities affect all/most versions of Windows, not just one. So given that we know the ‘bad guys’ reverse engineer Microsoft’s patches (they work out what the weakness was from the fix) they will be able to find new openings into XP from the fixes that come out for Vista, etc once XP is no longer receiving those same fixes.
All in all, it’ll be a dangerous time to be using XP on the internet.