As a result, Windows XP will become much less secure in the coming months, Kandek warned. Given the size of the Windows code base, many of the patches that Microsoft issues each month cover vulnerabilities found in all versions of Windows, at least back to XP. After April, attackers can examine these patches to pinpoint where vulnerabilities may be, and seek them in the no-longer supported Windows XP.
"Half of the work has already been done for them," Kandek said.
Qualys tracks the percentage of its enterprise users that still deploy XP. In February that number has shrunk to about 14 percent, two percentage points lower than the month prior.
Sign up for CIO Asia eNewsletters.