Feeds

THOUSANDS of UK.gov Win XP PCs to face April hacker storm... including boxes at TAXMAN, NHS

FOIs reveal bureaucrats losing switchover race by widest margin

Boost IT visibility and business value

Exclusive Thousands of PCs at Britain’s biggest public sector bodies will miss Microsoft’s April deadline to abandon Windows XP before open season for hackers begins.

HMRC and the NHS in England and Scotland will still be running thousands of systems using Windows XP after Microsoft turns off the support lifeline on 8 April.

HMRC has 85,784 PCs, of which 85,268 are moving off Windows XP and 58,631 are ditching Internet Explorer 6.

NHS Scotland has 3,603 PCs with 3,537 on Windows XP and the same number on IE6.

The information came to light following a series of Freedom of Information Act (FOI) requests lodged by The Register with UK government organisations.

Migration plans

HMRC and NHS Scotland said they both have co-ordinated plans to replace Windows XP and IE 7; they are going with Windows 7 and IE 8 and, in a few cases, Windows 8 and 10.

But while upgrade work is in full swing, it won’t be completed by April’s deadline.

HMRC told us it expects to have completely moved off of Windows XP by “the end” of 2014, while NHS Scotland expects to finish in the third quarter.

HMRC began its migration in 2012, with NHS Scotland beginning its shift relatively late, in July 2013.

8 April is the date when extended support for Windows XP from Microsoft finally comes to an end. Prior to this date, Microsoft will issue security patches to block malicious code and viruses written to infect PCs and networks and steal users’ data.

Come 9 April, there will be no more protection from Microsoft.

Customers who wish to continue receiving protection must pay Microsoft for dedicated support – coming at eye-watering prices: $200 per desktop for year one, $400 for year two and $800 for a third year.

Extended support is only available to the biggest customers – those on premier-level support.

UK taxpayer? Read on...

Neither the HMRC – collector for the nation’s purse – nor NHS Scotland will pay for protection, according to our FOIA requests, yet users will continue to be allowed to access the internet from their vulnerable Windows XP machines and using IE6.

That means users could come under attack with no defence from Microsoft.

However, neither body is faring quite as badly as the NHS in England, which, based on our FOIA request, is a picture of anarchy on Windows XP.

There are total of 1.086 million PCs and laptops running Windows at trusts, GPs and other health groups that comprise the National Health Service in England.

The Register asked NHS England how many PCs at hospitals, GPs and administrative bodies there are which run Windows XP and IE 6, 7 or 8.

We also asked if there’s a co-ordinated migration plan and when it will be complete.

Local organisations 'aware of the need to migrate'. How many need to make the move? We don't know...

The NHS in England’s response was that it simply doesn’t know beyond headline numbers the state of Windows XP’s penetration or migration work.

The reason is hospitals, ambulance and community and mental health trust, and GP surgeries are all considered separate organisations responsible for their own IT and migration plans. “No central records are held,” NHS England told The Reg.

The result is it cannot say how many medical or and back-office staff or systems will be exposed at the NHS in England.

“Local organisations are currently in the process of upgrading PCs to use the Windows 7 operating system in advance of Windows XP support ending in April 2014. Local organisations are aware of the need to migrate from Windows XP in advance of the April 2014 de-support date,” NHS England said.

The group is responsible for supplying IT to 6,100 staff in 60 buildings and it's in the middle of a project to deploy a common desktop IT architecture to this group using Windows 7. The plan is to complete the programme in February/March 2014.

Our FOI requests reflect what’s happening in the field – that very large customers of Microsoft are going to miss April’s deadline.

Only some of them are planning to pay.

Application migration specialist Camwood, heavily involved in helping customers move from Windows XP, told The Reg it has got several “large” customers paying Microsoft for support after 8 April rather than go naked.

Camwood works with organisations that have more than 2,000 PCs.

“It was cheaper for them to pay Microsoft than to accelerate migration,” Camwood chief executive Adrian Foxall told us.

Despite the fact Windows XP support is due to finish in three months, Camwood is still picking up new business from organisations in the public sector to start migrations, it says – many of them within the NHS.

Foxall reckoned there are two types of customer coming to Camwood: those who have got a plan and want Camwood to help execute it and those without a plan.

The public sector, he says, falls mostly into the latter group. “We are still winning new projects now. They will miss the deadline and they are acutely aware of that,” Foxall said. ®

Build a business case: developing custom apps

More from The Register

next story
Why has the web gone to hell? Market chaos and HUMAN NATURE
Tim Berners-Lee isn't happy, but we should be
Microsoft boots 1,500 dodgy apps from the Windows Store
DEVELOPERS! DEVELOPERS! DEVELOPERS! Naughty, misleading developers!
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
Apple promises to lift Curse of the Drained iPhone 5 Battery
Have you tried turning it off and...? Never mind, here's a replacement
Linux turns 23 and Linus Torvalds celebrates as only he can
No, not with swearing, but by controlling the release cycle
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
This is how I set about making a fortune with my own startup
Would you leave your well-paid job to chase your dream?
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.