Use of Windows XP is still widespread across NHS hospital trusts, with the operating system in use in 90 percent of trusts questioned.
Virtualisation software company Citrix made Freedom of Information (FoI) requests to 63 NHS trusts in October, with 42 responding.
The trusts that provided details said Windows XP made up a small part of their overall PC estate — one said it was 50 out of 5,000 PCs, for example. Trusts blamed legacy applications and devices that were unable to use later version of Windows as their reasons for holding onto the antique OS.
Of the trusts that responded, 14 percent said they would be moving to a new operating system by the end of this year, and 29 percent said they would make the move some time next year. Others could not give a date for when Windows XP would be replaced.
When Citrix made a similar FOI request in 2014, all of the 35 NHS trusts that responded said they were using Windows XP, although three-quarters said they would be rid of it by March 2015.
Citrix said “Whilst many authorities now only use a small number of devices that run Windows XP, the transition to a newer operating system needs to happen as a matter of urgency. With the health sector accounting for the most data security breaches across all public sector departments, it is critical that up-to-date and secure software is in place to safeguard patient data against cyber-attackers.”
And it’s not just NHS trusts: earlier this year it was revealed that London’s Metropolitan Police still had 27,000 PCs running Windows XP.
Microsoft stopped providing free security updates for Windows XP in April 2014, twelve-and-a-half years after the operating system went on sale in August 2001, although individual organisations can pay for additional custom support from Microsoft.