Microsoft yesterday pulled out the big guns -- a fear-of-God approach -- to scare users into dumping Windows XP, telling them that the most popular tasks done on a PC will put them in the crosshairs of cyber criminals.

While the advice wasn't this specific, it amounted to telling customers to switch off their older PCs and never turn them back on.

The Tuesday post by Tim Rains, director of Microsoft's Trustworthy Computing group, was similar in theme but more urgent in tone than one he wrote last October when he said that after April 8, the chance that malware will infect XP PCs could jump by two-thirds.

"I want to share some of the specific threats to Windows XP-based systems that attackers may attempt after support ends, so that these customers can understand the risks and hopefully decide to immediately upgrade to a more secure version of Windows, or accelerate existing plans to do so," Rains wrote.

Microsoft will issue the final public security updates for Windows XP on April 8, marking the official retirement of the 13-year-old operating system. XP-powered PCs will continue to run, but any vulnerabilities uncovered by researchers -- whether white hat, gray hat or black hat -- will not be patched.

The assumption by Microsoft and virtually every security expert is that hackers will then begin targeting XP machines more aggressively because of the aged OS's prominence. According to Web measurement vendor Net Applications, nearly a third of all Windows systems still run XP.

Citing statistics that Microsoft compiles from its antivirus software and its regularly-updated malware cleaning tool, Rains said that the top two risks for XP users after April 8 are browsing the Web and opening email.

Computerworld