1

I have a laptop that is not capable of running any versions of Windows above XP reliably, but that I want to connect to use to browse web using the last version of Firefox available for Windows XP. I don't care about this laptop's security at all, as there is nothing of value, but I wonder if running such a device on a network poses a security threat to all other devices on this network if it gets compromised?

And what are the attack vectors and known exploits that could use a Windows XP machine as a leverage to break into more protected devices on this network?

Jzuken
  • 125
  • 3
  • 1
    If all you're looking for is a platform from which to browse the web, then even for your own privacy/security, you should probably consider a modern OS that will run on that device. Look around for an extra light Linux distro. Honestly, once you've launched the browser, who really cares what OS is supporting it so long as it's up to date? – tjd Jun 06 '19 at 19:18

3 Answers3

2

There is nothing specific to XP that poses a threat to other machines on the network. The fact that it can be controlled by a malicious actor is the threat that it poses. With XP, this threat is more likely than with other operating systems and patch levels.

So, putting aside the specific operating system, the threat is that it can be used to pivot and allow an attacker to worm across the machines in the network. The risk of a malicious actor connecting their own attacking machine on the network is the same as a compromised machine under an attacker's control.

The defense is to segment the network and to harden the other machines on the network as if the network is hostile. A DMZ is one way of doing this, so is ZTN and microsegmenting.

schroeder
  • 123,438
  • 55
  • 284
  • 319
1

Support for Windows XP ended April 8, 2014. Microsoft will no longer provide security updates or technical support for the Windows XP operating system.

Hence there is a greater chance of compromise of your laptop and that may lead to compromise of your other nodes in the network.

It is not recommended to use Windows XP any more.

You may refer following site for the known vulnerabilities of Windows XP: https://www.cvedetails.com/product/739/Microsoft-Windows-Xp.html?vendor_id=26

Following is a snapshot explaining the attack types (vulnerability based) on Windows XP (Source - CVEdetails site):

enter image description here

Sayan
  • 2,033
  • 1
  • 11
  • 21
-1

It depends on two things:

  1. If there is even slightest security gap like no security patch installed(for some known lateral movement technique, like eternalblue, some internal web page which is vulnerable or any custom network service (which again has some loop holes). So it depends on how equipped are your endpoints! If other systems are updated, I feel the security risk is almost null.

  2. If a zero-day attack is being launched(like in targeted attacks), then your systems can get compromised.

For example, even though support for Windows XP ended in 2014, and Wannacry (based on EternalBlue vulnerability which was leaked by shadow brokers in April 2017) which was first leaked around may 2017 infected XP, and an attacker could laterally move from Windows XP to an unpatched Windows 7.

So possibility is always there !! In my opinion windows xp in only safe to use in a DMZ.

Ashutosh Raina
  • 369
  • 3
  • 8