To Microsoft, Windows XP is like a gift that keeps on giving.
It’s because there’s still a huge customer base using Windows XP and they’re willing to dole out millions of dollars for custom security support.
The latest customer to sign a Windows XP support deal is the US Navy.
On Tuesday, the Navy’s Space and Naval Warfare Systems Command (SPAWAR) closed a $9.1 million contract with Microsoft that guarantees continued custom support for security updates on the 100,000 workstations still using Windowx XP, Office 2003, Exchange 2003, and Windows Server 2003.
The full contract could extend to 2017, and be worth up to $30.8 million, IDG News added.
“The Navy relies on a number of legacy applications and programs that are reliant on legacy Windows products. Until those applications and programs are modernized or phased out, this continuity of services is required to maintain operational effectiveness,” Steven Davis, a spokesman for SPAWAR, told IDG.
ITWorld notes, an unclassified Navy document, that “the Microsoft applications affect critical ‘command and control systems’ on ships and land-based legacy systems. Affected systems are connected to NIPRnet, the U.S. government’s IP network for non-classified information, and SIPRnet, the network for classified information.”
U.S. Navy photo by Photographer’s Mate 2nd Class H. Dwain Willis. The Navy has plans to phase out the obsolete platforms because, as the unclassified document notes, using decade-old Windows platforms makes the systems vulnerable.
“Without this continued support, vulnerabilities to these systems will be discovered, with no patches to protect the systems,” the Navy document states. “The resulting deterioration will make the U.S. Navy more susceptible to intrusion … and could lead to loss of data integrity, network performance and the inability to meet mission readiness of critical networks.”
All that said, updating a system like the Navy’s is far from a simple task.
“It’s not easy for an organization with the size and global range of the US Navy to update its entire computer network,” cybersecurity expert Joe Loomis, CEO of CyberSponse, told Business Insider. “The Navy should have been planning to transition faster, but it’s still a highly complex situation for them.”
Loomis, a former cryptologic tech for the Navy, noted that the Navy’s computer system is comprised of “a variety of legacy systems and hardware” that won’t work with Windows 7, and the operating system the Navy would switch to — Windows 10 SP1 — hasn’t been released yet.
“The Navy is in a tough spot,” Loomis said. “But for right now, this is an effective stop-gap measure as $9 million is a drop in the bucket for the Navy and it would cost much more to rush this transition.”
Rushing the overhaul, Loomis added, would also make security mistakes more likely.
The US Navy is certainly not the only public office to sign a big custom contract with Microsoft. The UK government signed a $9.2 million contract last year to support all public sector customers, while the Dutch government also signed a “multi-million euro” deal for a similar service.
A lot of these organizations rely on old software that only runs on Windows XP, which makes it hard to migrate everything over to a new OS. But with Microsoft effectively ending support for Windows XP last year, they need custom security updates to protect them from external threats.
In fact, according to NetMarketshare, a research firm that tracks OS usage, Windows XP still accounts for roughly 14% of the total desktop operating system market. That’s more than the market share of Windows 8.1, Microsoft’s latest operating system.