Banks and other institutions that use Windows XP often do so under specialized agreements with Microsoft, called Custom Support Agreements (CSAs) or Custom Extended Support Agreements (CESAs). These agreements allow organizations to continue receiving critical security updates for their legacy systems even after official support has ended. Here’s how these agreements work:
Custom Support Agreements (CSAs)
After Windows XP’s official support ended in April 2014, Microsoft offered CSAs to organizations that could not immediately migrate to newer operating systems due to compatibility, cost, or operational constraints.
Under a CSA, Microsoft continues to provide critical security updates specifically tailored to the organization’s systems.
These agreements are typically very expensive and are meant as a temporary measure while the organization transitions to a supported platform.
Why Banks Use CSAs
Legacy Systems: Many ATMs and banking software were originally built to run on Windows XP, and updating to newer systems can be complex and costly due to hardware and software dependencies.
Security Needs: Despite using outdated systems, banks must maintain a high level of security. The CSA ensures critical vulnerabilities are patched.
Regulatory Compliance: Financial institutions are heavily regulated and need to meet strict security standards. Extended support agreements help them avoid compliance violations.
Custom Patching and Support
Microsoft provides patches only for the most critical vulnerabilities that could severely impact the organization.
These updates are not made available to the general public, ensuring that only organizations with a CSA receive them.
Cost
The cost of a CSA is high and increases annually to encourage organizations to migrate to supported platforms.
Some estimates suggest costs in the range of $1,000 to $5,000 per device per year, depending on the scale and specifics of the agreement.
Alternatives Banks Might Use
Some banks have begun moving away from Windows XP entirely, often transitioning to supported operating systems like Windows 10 or Windows Embedded systems.
They may also use virtualized environments to maintain compatibility with older applications without relying on outdated OS versions directly.
These agreements allow banks and other critical industries to maintain operations securely while planning their eventual migration to modern systems. However, this is a stopgap solution and not a permanent fix, as the long-term risks and costs of relying on unsupported software grow over time.
Yes, it says what I have been saying all along. Banks and financial institutions have special service contracts with Microsoft.
You, do not. Don’t run old ass windows versions that are not actively supported. This is not a controversial statement.
Your attempt to compare your usage vs the usage of a financial institution is not only a false equivocation, it’s particularly stupid in light of the fact specialized contracts exist.
You, do not. Don’t run old ass windows versions that are not actively supported. This is not a controversial statement.
Do run them, go ahead. Not supported does not mean non functional.
Your attempt to compare your usage vs the usage of a financial institution is not only a false equivocation, it’s particularly stupid in light of the fact specialized contracts exist.
I worked for 15 years in the industry (7 years in the banking division) I am very explicitly comparing nothing as both myself and most banks I worked with are using legacy software in the same way. Its about risk management and understanding what can be done to your system, running an old OS is not on the top of my risk list.
Just backup your data, manage your accounts and passwords with the idea they may be compromised. This is how people not trying to sell you something operate.
Based upon your responses here, I don’t believe you. But at the end of the day, you can run whatever you like, but don’t encourage others to take stupid and unnecessary risks.
Also, you yourself should consider Linux, specifically Zorin OS. I am 90% windows user, but because I work for an MSP, I end up doing a lot on all of the “major” operating systems. I ran across Zorin and enjoyed it so much that I main it on my work laptop now.
I run Linux but I like my windows 7 machine for my living room.
Oh and you can not beleave me about what I did, I am used to it. Even when working at IBM (don’t recommend) I was often told I did not work there with all sorts of exsuses from in and outside the company.
I was the guy fixing those, no they don’t.
Yes, they do. Ffs, your claims are ridiculous.
Read and learn something for a change:
Banks and other institutions that use Windows XP often do so under specialized agreements with Microsoft, called Custom Support Agreements (CSAs) or Custom Extended Support Agreements (CESAs). These agreements allow organizations to continue receiving critical security updates for their legacy systems even after official support has ended. Here’s how these agreements work:
After Windows XP’s official support ended in April 2014, Microsoft offered CSAs to organizations that could not immediately migrate to newer operating systems due to compatibility, cost, or operational constraints.
Under a CSA, Microsoft continues to provide critical security updates specifically tailored to the organization’s systems.
These agreements are typically very expensive and are meant as a temporary measure while the organization transitions to a supported platform.
Legacy Systems: Many ATMs and banking software were originally built to run on Windows XP, and updating to newer systems can be complex and costly due to hardware and software dependencies.
Security Needs: Despite using outdated systems, banks must maintain a high level of security. The CSA ensures critical vulnerabilities are patched.
Regulatory Compliance: Financial institutions are heavily regulated and need to meet strict security standards. Extended support agreements help them avoid compliance violations.
Microsoft provides patches only for the most critical vulnerabilities that could severely impact the organization.
These updates are not made available to the general public, ensuring that only organizations with a CSA receive them.
The cost of a CSA is high and increases annually to encourage organizations to migrate to supported platforms.
Some estimates suggest costs in the range of $1,000 to $5,000 per device per year, depending on the scale and specifics of the agreement.
Some banks have begun moving away from Windows XP entirely, often transitioning to supported operating systems like Windows 10 or Windows Embedded systems.
They may also use virtualized environments to maintain compatibility with older applications without relying on outdated OS versions directly.
These agreements allow banks and other critical industries to maintain operations securely while planning their eventual migration to modern systems. However, this is a stopgap solution and not a permanent fix, as the long-term risks and costs of relying on unsupported software grow over time.
You use chat GPT for this one? Because this does not say what you think it does.
Yes, it says what I have been saying all along. Banks and financial institutions have special service contracts with Microsoft.
You, do not. Don’t run old ass windows versions that are not actively supported. This is not a controversial statement.
Your attempt to compare your usage vs the usage of a financial institution is not only a false equivocation, it’s particularly stupid in light of the fact specialized contracts exist.
Do run them, go ahead. Not supported does not mean non functional.
I worked for 15 years in the industry (7 years in the banking division) I am very explicitly comparing nothing as both myself and most banks I worked with are using legacy software in the same way. Its about risk management and understanding what can be done to your system, running an old OS is not on the top of my risk list.
Just backup your data, manage your accounts and passwords with the idea they may be compromised. This is how people not trying to sell you something operate.
Based upon your responses here, I don’t believe you. But at the end of the day, you can run whatever you like, but don’t encourage others to take stupid and unnecessary risks.
Also, you yourself should consider Linux, specifically Zorin OS. I am 90% windows user, but because I work for an MSP, I end up doing a lot on all of the “major” operating systems. I ran across Zorin and enjoyed it so much that I main it on my work laptop now.
I run Linux but I like my windows 7 machine for my living room.
Oh and you can not beleave me about what I did, I am used to it. Even when working at IBM (don’t recommend) I was often told I did not work there with all sorts of exsuses from in and outside the company.