March 04, 2014, 3:01 PM — As you're probably tired of hearing by now, Microsoft is pulling the plug on Windows XP and really, really wants everyone to upgrade before full support ends on April 8th. There are solid security reasons to do so. Unfortunately, "everyone" includes banks around the world, with their hundreds of thousands of ATMs running Windows XP. Once support ends, hackers could potentially compromise these internet-connected machines, which is the last thing probably anyone (except thieves) want.
It's expensive, however, and a major undertaking to upgrade all those systems. In the US, for example, there are about 200,000 Windows XP ATMs and, as CNN reports, to replace the operating system in them, banks would have to replace the entire computer inside as well--something that could coast between $1,000 and $3,500 per ATM. To the surprise of probably no one, banks haven't been exactly racing to do this costly upgrade.
So what does it mean for us? If the majority of money-doling machines could be compromised by hackers, do we really want to give our account numbers and PINs to them? What other choices do we have and how can we know if an ATM is secure?
Well, there's some good news. CNN's article says that major banks are "cutting special deals with Microsoft" to extend life support for these aging ATMs, while the banks upgrade them. JPMorgan is called out specifically as having a one-year extension on support and says their Chase ATMs will begin the upgrade process to Windows 7 starting in July. Citibank and Wells Fargo also say they're upgrading their machines, but no dates have been provided.
So, at the very least, you might feel safer withdrawing money or using the ATM for other purposes at Chase banks for now. Oddly enough, non-bank run ATMs at small convenience stores and similar places may be more secure as well, since they tend to run Windows CE (which still gets security updates from Microsoft). Or, if you're truly concerned, take money out the old fashioned way--from your bank's teller.
It's a sad, pretty dire situation, but hopefully banks will upgrade these systems before the financial system crashes (in a different way).
Read more of Melanie Pinola’s Tech IT Out blog and follow the latest IT news at ITworld. Follow Melanie on Twitter at @melaniepinola. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.