PCI Compliance Considerations for XP’s End

We have talked about the end of support for Microsoft XP at length and its implications for users in regards to security and licensing, but thought it would be important to also make our clients and friends aware of the potential for non-compliance with PCI-DSS for any organizations using Point-Of-Sale (POS) payment application environments.

Requirement 6 in the PCI-DSS documentation requires that all users “Develop and maintain secure systems and applications.” Because Microsoft will no longer issue security updates after April 8th, this requirement will no longer be met. And just in case this is too vague, look at Requirement 6.1 (Ensure that all system components and software are protected from known vulnerabilities by having the latest vendor-supplied security patches installed. Deploy critical patches within a month of release).

Microsoft will continue to provide updates to its malware signatures in products such as System Center Endpoint Protection through June 2015. However, Microsoft would still refer to Windows XP after April 8, 2014 as ‘unsupported.’ So it could come to pass that malware may be detected, but Microsoft may not provide fixes in every case, leaving the customer to alternative mitigation strategies. Be aware that support for Office 2003 expires on the same date. Microsoft has not released any information concerning continued security-related support for this product.

As we have said before, we recommend making the switch to a newer OS to ensure you receive critical software updates and maintain a secure environment. PCI compliance is yet another reason to necessitate this switch.

Leave a Comment

Your email address will not be published. Required fields are marked *


Contact Us

If you have an urgent question regarding your software licensing or a software audit, please contact Miro right away.

(732)738–8511 x1208
Use the chat box on the right

About Us

Miro is a leading global provider of software asset management services, specializing in license management, audit advisory, negotiation tactics, support management, and cloud services. We help our clients maximize ROI on their software license investments, stay in compliance, and minimize the impact of audits. Miro's performance guarantee promises that our long-tenured, diverse, and passionate team of expert analysts provides insightful and actionable advice to help our clients achieve the best possible outcomes.

Performance Guarantee

Miro’s no risk Performance Guarantee is that the amount of cost savings that we uncover will be more than our fees.


Managed Services for Oracle Licensing

Miro’s Managed Services for Oracle licensing is a best practice approach for an organization to optimize and outsource the practice of Software Asset Management to specialized external experts to ensure the organization’s compliance with vendor rules and policies.

Learn More