Last week marked the end of support for Windows XP, though it does not mean the licenses have expired. However, the important thing to remember is the risk in lack of security patches that come with ignoring the update.
The April 8th deadline has come and gone, but how much of an effect has it had on the industry? Honestly, close to none at all, or at least not yet. Bank ATMs are established on a private network with no internet access. Firewalls keep the ATMs communication through a designated server with anti-virus software and white-listening to ensure no other software can run parallel. There can be however, two general problems that can occur now that the deadline has passed:
The first issue is compliance; PCI regulations and bank rules require that bank ATMs are not to run unsupported software, which could lead to a loss of PCI certification. Most banks in the West have started to meet the requirements almost a year ago, while the rest have put together a transition plan that allows them enough time to migrate to Windows 7. During this time however, Asian banks have generally ignored the deadline, treating it like a modern day Y2K.
The second risk is what those in Asia may come to experience. Unsupported ATMS face something called "zero-day" vulnerabilities. These vulnerabilities are security threats that Microsoft has no way of knowing will even exist or how they will operate. What they do know is that somewhere out there a hacker will be prepared armed. Today there is a much larger battle going on between security protections and malware, which was not the case during Y2K. So it is merely a matter of time until these zero-day vulnerabilities are exploited.
Microsoft has however, set a cost for limited support or a "customers service agreement" that lasts up to 2 years from the April 8, 2014 deadline. The CSA will allow security patches to be made available, assuming the right XP license was purchased for your ATM. With the CSA, you essentially buy yourself a 2 year grace period to get your machine upgraded to Windows 7, or Windows 8 if you want to get ahead of the game.
The delay in the Windows 7 migration can be directed to both the manufacturers for "guarding" a low driver layer called XFS SPs (which there is no open market for) and the banks for not demanding that these drivers be made available in time. The XP to W7 upgrade could have run smoothly had the transition started four years ago, with a properly implemented hardware replacement cycle.
So when does the support for Windows 7 expire? 2020, leaving us with just 6 years until the next disaster meets the industry, unless we can get it right in the mean time.
Source - ATMMarketplace