Perspective: Microsoft risks security reputation ruin by retiring XP
A decade ago, Microsoft kicked off SDL, or Security Development Lifecycle, a now-widely-adopted process designed to bake security into software, and began building what has become an unmatched reputation in how a vendor writes more secure code, keeps customers informed about security issues, and backs that up with regular patches.
But the Redmond, Wash. company, which just touted SDL's 10-year history with a flashy, anecdote-filled online presentation, seems willing to risk torching that hard-won reputation by pulling the plug on Windows XP.
Microsoft plans to ship the final public patches for Windows XP on April 8. After that, it will not deliver fixes for security vulnerabilities it and others find in the 13-year-old operating system. The result, even Microsoft has said, could be devastating. Last October, the company said that after April 8, Windows XP would face a future where machines are infected at a rate 66% higher than before patches stopped.