Microsoft announced retirement of XP SP2 more than two years ago, in April 2008. Microsoft says it no longer will update or issue security patches for the six-year-old operating system. Organizations that haven’t upgraded to XP Service Pack 3 or migrated to one of Microsoft’s newer operating systems may face difficult times supporting XP’s SP2. Security experts warn organizations should “up their game” from traditional vulnerability assessment to a more powerful tool such as an exploit penetration testing solution. The move to Windows 7, the newest Microsoft operating system, will take longer for larger organizations.”]
Source: https://www.govinfosecurity.com/what-happens-when-xp-expires-a-2712

