The Federal Financial Institutions Examination Council (FFIEC) has warned that plans by Microsoft to discontinue support for the XP operating system pose operational risks for banks that still use it.
Microsoft will discontinue extended support for XP in April next year, ending provision of regular security patches and technical assistance for the operating system.
In a statement, the FFIEC says: "Financial institutions, technology service providers (TSPs), and other third parties that use XP in personal computers, servers, and purpose-built devices such as automated teller machines (ATM), or that are dependent on applications that require use of XP could be exposed to increased operational risk."
Potential problems include degradation in the delivery of various products and services, application incompatibilities, and increased potential for data theft and unauthorised additions, deletions, and changes of data. Additionally, banks and vendors that are subject to the Payment Card Industry Data Security Standard (PCI DSS) may no longer be compliant if they continue to use XP.
Nor is the problem confined to the US. Research back in April, to mark the one-year countdown to the deadline, revealed that over half of UK firms had done nothing to prepare for a migration to Windows 7 or Windows 8.
Banks exposed to the issue should conduct a risk assessment strategy and consider their options to mitigate the threat, says the FFIEC.
"Broad mitigation options include replacing XP with a current operating system or maintaining XP over time," states the agency. "The latter option potentially includes implementing controls designed to provide additional monitoring for XP-supported systems and devices, protecting XP from threat sources, and isolating XP from the remainder of the network."
Earlier this week, PC manufacturer Dell announced a a new service to help businesses jump-start their migration from XP to Windows 7 or 8. Dell's Windows Migration Fast Forward Service offers pre-packaged modules to address all stages in the switch-over for up to 5000 PCs including : image engineering, inventory and rationalisation of applications, application compatibility testing, application packaging, deployment planning, process automation and field deployment.
"About 21% of PCs are still running Windows XP. This is an industry-wide issue that many of our customers are dealing with right now," says Kevin Jones, vice president and general manager, infrastructure and cloud computing services.