XP End of Support: 5 Ways to Mitigate Risk Now

While you likely have very good reasons for remaining on Windows XP after end of support, the bottom line is that your security risk is now significant. In the absence of security patches, attackers will certainly turn their attention to this new opportunity.


Transcript of "XP End of Support: 5 Ways to Mitigate Risk Now"

  1. XP End of Support: 5 Ways to Mitigate Risk Now
     Paul Zimski, VP, Solution Marketing
  2. Interactivity Tips
     1. Ask our Presenters a question
     2. Download a PDF copy of today’s presentation
     3. Social Networking Tools
  3. XP End of Support
     • Microsoft Windows XP End of Support was April 08, 2014
     • No further vulnerability patches will be made available through standard support
     • Impact on Compliance
       » FFIEC guidance – … identify, assess, and manage these risks to ensure that safety, soundness, and the ability to deliver products and services are not compromised.
       » PCI-DSS v3.0 – Ensure that all system components and software are protected from known vulnerabilities ….
  4. Windows XP Usage
     PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
  5. Windows XP Infection Rates
  6. Fuzzing Opportunity for Attackers
     • New XP vulnerabilities discovered with no patch or configuration workaround
     • Newly disclosed vulnerabilities in other Windows products that share common core modules
  7. Ignore
     Plan:
     • Ignore EOS and Carry On
     Pros:
     • Reduced Cost / Effort
     Cons:
     • Compromise is Imminent
     • More Expensive Long-Term
     Source: http://joshblackman.com/blog/wp-content/uploads/2011/11/bird.jpg
  8. Upgrade
     Plan:
     • Rip and Replace WinXP
     Pros:
     • Latest & Greatest
     Cons:
     • Hardware Requirements
     • End User Disruption
     • Legacy Software Support
     • Time / Cost / Effort
  9. Isolate
     Plan:
     • Isolate WinXP boxes
     Pros:
     • Reduced Cost / Effort
     Cons:
     • User Productivity Hit
     • Physical Attack Vector
     Source: http://www.ida.liu.se/~g-robek/images/linguistics-AnechoicChamber_id.jpg
  10. Extend Support
      Plan:
      • Get Premier Support from MS for WinXP boxes
      Pros:
      • Push Off Migration
      Cons:
      • Expensive
      • No Native OS Security Improvements
      Source: http://erstarnews.com/wp-content/uploads/2013/07/stack-of-money.jpg
  11. 5 Practical Defense in Depth Tactics
      1. Reduce known exploitable surface area via patch management
      2. Harden configurations
      3. Reduce zero day threat risk with application whitelisting
      4. Protect system memory with native and 3rd party tools
      5. Eliminate physical attack vectors by controlling device ports
      • Update antivirus
      • Use desktop firewalls
  12. 1) Reduce Exploitable Surface Area
      » Ensure known vulnerabilities are patched to minimize “low hanging fruit”
      » Apply new 3rd party desktop application patches
  13. 2) Harden Security Configurations
      • Remove Local Admin
      • Disable autorun
      • Eliminate unnecessary services, applications
      • Turn off admin shares
      • Enforce screen lockouts
  14. 3) Reduce Zero Day Threat
      Diagram labels: Applications, Un-Trusted, Malware, Application Whitelisting
      Authorized
      • Operating Systems
      • Business Software
      Unauthorized
      • Games
      • iTunes
      • Shareware
      • Unlicensed S/W
      Known
      • Viruses
      • Worms
      • Trojans
      Unknown
      • Viruses
      • Worms
      • Trojans
      • Keyloggers
      • Spyware
  15. 4) Protect System Memory
      • The best way to avoid Buffer Overflow Attacks is for software authors to employ secure coding practices
      • For known vulnerabilities, it's imperative to apply security patches that fix the underlying code.
      • For unknown vulnerabilities, there are native protection capabilities that can be enabled in Windows that make it harder to carry out BO attacks
        » Data Execution Prevention (DEP) - marks unused buffers as “non executable”
      • Investigate 3rd party memory protection capabilities from vendors
  16. 5) Eliminate Physical Attack Vectors
      » Centrally enforce usage policies of all endpoint ports and for all removable devices / media.
  17. Defense-in-Depth Strategy
      Successful risk mitigation starts with a solid vulnerability management foundation, augmented by additional layered defenses which include:
      » Configuration Control
      » Application Whitelisting
      » Memory Protection
      » Data Encryption
      » Port / Device Control
      » Antivirus
      Diagram layers: Patch and Configuration Management; Application Control; Memory Protection; Device Control; AV/FW; Hard Drive and Media Encryption
  18. More Information
      Surviving WinXP EOS: https://www.lumension.com/windows-xp
      » Whitepaper – learn how to stay secure before, during and after your migration
      » Free Application Scanner – discover all the apps being used in your network
      Whitepapers
      » NSS Labs – Improving Windows Client Performance and Security: Impact Comparison of AC and Traditional AV
        https://www.lumension.com/resources/free-content/improving-windows-client-performance-and-security.aspx
      Get a Free Trial of Lumension Application Control
      https://www.lumension.com/application-control-software/free-trial.aspx
  19. Attendee Services
      • Download a copy of today’s slides
      • Provide your feedback! Please complete our survey.
      • A recorded version of this seminar will be available at www.eSeminarsLive.com
      • View a calendar of our Upcoming Events
  20. Global Headquarters
      8660 East Hartford Drive, Suite 300
      Scottsdale, AZ 85255
      1.888.725.7828
      info@lumension.com
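
Three of the hardening items on slide 13 (disable autorun, turn off admin shares, enforce screen lockouts) are backed by registry values, so they can be audited from a registry export collected from each XP machine. The following Python audit is an added example, not part of the original presentation. The sample export is constructed, the function names are hypothetical, and it assumes the standard Windows value names NoDriveTypeAutoRun, AutoShareWks, ScreenSaveActive and ScreenSaverIsSecure; local admin membership and unnecessary services are not covered.

```python
import re
# Constructed sample in .reg export format; real exports are UTF-16, decode first.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"AutoShareWks"=dword:00000001

[HKEY_CURRENT_USER\Control Panel\Desktop]
"ScreenSaveActive"="1"
"ScreenSaverIsSecure"="0"
"""

def parse_reg(text):
    """Map (key path, value name), both lower-cased, to an int or str value."""
    values, key = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        m = re.match(r'"([^"]+)"=(?:dword:([0-9a-fA-F]{8})|"(.*)")$', line)
        if m and key:
            val = int(m.group(2), 16) if m.group(2) else m.group(3)
            values[(key, m.group(1).lower())] = val
    return values

HKLM, HKCU = "hkey_local_machine\\", "hkey_current_user\\"
# (finding label, key, value name, test); the test receives None if the value is absent
CHECKS = [
    ("autorun not disabled for all drive types",
     HKLM + r"software\microsoft\windows\currentversion\policies\explorer",
     "nodrivetypeautorun", lambda v: v == 0xFF),
    ("admin shares (C$, ADMIN$) enabled",
     HKLM + r"system\currentcontrolset\services\lanmanserver\parameters",
     "autosharewks", lambda v: v == 0),
    ("screen saver not active", HKCU + r"control panel\desktop",
     "screensaveactive", lambda v: v == "1"),
    ("screen saver resumes without password", HKCU + r"control panel\desktop",
     "screensaverissecure", lambda v: v == "1"),
]

def audit(text):
    """Return the finding label of every hardening check the export fails."""
    values = parse_reg(text)
    return [label for label, key, name, ok in CHECKS if not ok(values.get((key, name)))]

if __name__ == "__main__":
    print(audit(SAMPLE_EXPORT))
```

A missing value is reported as a finding because the Windows XP defaults leave autorun and the administrative shares enabled.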