Hey Microsoft: Stop caving in to the XP holdouts
Microsoft shocked the IT world this past week by making the cardinal mistake: releasing another XP patch after support officially ended. While I think Redmond makes a lot of mistakes, from licensing nightmares to marketing blunders, this particular move really irks me.
That's because it not only sets the wrong precedent, but it's a direct slap in the face to those fighting the good fight in helping eradicate XP. Specifically, IT pros like myself. As a consultant for my clients, I've been knee-deep in the conversations that Microsoft can't have directly with its customers. You know, the ones actually in the trenches -- not those just sitting in the comfort of their Redmond offices?
For the last year and a half, I have been personally toeing the sometimes uncomfortable party line in urging my clients to get off XP (much of that time unpaid, if Microsoft is curious). Seeing such doublespeak in action therefore really digs in under my skin, no matter how critical this IE flaw may have been.
How can I continue to make the case for ditching XP if Microsoft is pulling the rug from under my feet? One of the best arguments in my consulting playbook was the fact that there would be no more patches released for XP once April 8 came and went. Redmond helped curate this message with its respective partner community via numerous channels, including splash sites like this and this.
But it seems the pre-April 8 warnings only carried so much bearing, and now IT consultants like myself have egg on our face. For all the sit-down conversations we've had with clients we support, they're starting to call Microsoft's bluff after all.
While some in the blogosphere are calling this the right move, I have to fervently side with the likes of Brian Fagioli of BetaNews and Peter Bright. This was a terrible, terrible mistake and I'm hoping whatever misguided execs called the shots on this audible wisen up for the long term message on XP.
This just-once-more XP patch sets a poor precedent, just like Obama's empty "Red Line" threat on Syria gave Putin the leverage he needed in his power play in Ukraine.
It's just like kids that play their parents when they throw around hollow threats and never follow up on grounding them after the next time.
And it's no different than police turning a blind eye to enforcing laws after they go into effect.
XP's final patch tuesday came with a new popup for users to warn them that support has ended. Perhaps Microsoft should have reworded this message to note that April 8 was the Almost End of Support date. The latest IE patch for XP users was nothing less than a slap in the face for those (such as myself) who have been vigorously fighting the good fight for eradicating XP. (Image Source: Microsoft)
If tough words don't follow with similarly tough actions, you might as well call such policies meaningless. People will always take the path of least resistance, and in this case, it comes in the form of sticking with the increasingly risky XP OS.
The above aren't the only reasons why this XP patch really ticks me off. There's numerous other ramifications to Microsoft's blunder here:
Future threats of support sunset dates will carry little weight. If Microsoft kowtowed to the XP holdouts this one extra time, how can they possibly carve out a position of enforcing lifecycle policies that actually mean something? Are IT pros supposed to take future support cutoffs with a grain of salt?
Vista's next on the chopping block for patches, and I don't know how I will be able to fight back against those who will say "But remember all those patches Microsoft released after XP support ended?" Short term idealism may come back to bite Microsoft and the exact professionals who are trying to do the right thing.
Criminals will continue building better and more numerous XP exploits. What sets this recent IE flaw apart from any of the other potential future exploits that may come out? If history holds true, these will only multiply, hit harder at the bevy of flaws that XP has, and cause just as much headache for XP holdouts. Is it Microsoft's job to keep coddling users of a 13+ year old OS? It might as well keep making patches for Windows 2000 as well if we are to believe in this flawed mentality.
Apple cuts off users of OS X after just 4-6 years and there are no hoots and howls for Apple to reverse course indefinitely on patches. This is the one time I will say Microsoft should follow Apple's lead.
IT admins who made plans around the expectation Microsoft would blink on XP support have been absolved. There are likely more than a handful of administrators out there who made the case in their organizations that XP would be given an extended lifeline as necessary. It already happened once, and if luck is on their side, it is bound to happen again, they're chuckling.
Those still on XP have been given a false sense of security. Similar to what I said above, on a wider scale, XP users of all stretches will sleep tighter knowing that Microsoft is willing to go against its own grain as we've seen. This is exactly the uphill battle IT pros like myself have been struggling to overcome in discussions.
Microsoft should keep in mind that its actions speak far louder than the years worth of words it has espoused.
The "just one more time" crowd has the ammunition it needs now. There is a vocal but sizable minority in the tech community that believes Microsoft should continue on such a path of supporting XP indefinitely. Now that Redmond has given them a glimmer of hope, watch this crowd hold tight to their argument on the next big zero day.
It gives IT pros fighting the good fight a bad name. I truly believe that getting the computing world into a post-XP era is the right thing to do on numerous fronts, the largest one being security. But as time goes on, and if Microsoft continues its policy of having mercy on XP users, the technical leaders out there beating the kill-XP drum will have increasingly less of a pedestal to stand on.
If Microsoft won't back up the very troops fighting on its behalf, how long before we lose faith in Redmond altogether?
To me, it's pretty clear that this last week's buckling of the no-more-patches mantra for XP really turned a former red line into a gray one; a line that shifts with the winds of the security flaws out in the wild.
Redmond claims in a blog post explaining its actions that this was truly a one-off move, and that XP is not going to get any more patch love from Microsoft.
Is it only me, or have we not heard this already?
Derrick Wlodarz is an IT Specialist who owns Park Ridge, IL (USA) based technology consulting & service company FireLogic, with over eight+ years of IT experience in the private and public sectors. He holds numerous technical credentials from Microsoft, Google, and CompTIA and specializes in consulting customers on growing hot technologies such as Office 365, Google Apps, cloud-hosted VoIP, among others. Derrick is an active member of CompTIA's Subject Matter Expert Technical Advisory Council that shapes the future of CompTIA exams across the world. You can reach him at derrick at wlodarz dot net