Cybercriminals will unleash a wave of “zero-day” vulnerabilities to attack Windows XP machines after April 8, 2014, a security expert has claimed.

Cybercriminals will unleash a wave of “zero-day” vulnerabilities to attack Windows XP machines after April 8, 2014, a security expert has claimed. Microsoft will stop releasing security updates for the OS on that date.

Criminals will “sit on” such vulnerabilities until that date to make more money from their exploits, according to Jason Fossen of security training company SANS.

At present, vulnerabilities are patched by Microsoft. After April, only companies paying for custom support will be protected – and up to a third of organizations are expected to still use Windows XP machines.

“The average price on the black market for a Windows XP exploit is $50,000 to $150,000 – a relatively low price that reflects Microsoft’s response,” said Fossen, speaking to ComputerWorld.

“When someone discovers a very reliable, remotely executable XP vulnerability, and publishes it today, Microsoft will patch it in a few weeks. But if they sit on a vulnerability, the price for it could very well double.”

Fossen’s thesis is based on the still-significant number of PCs using Windows XP.

Windows XP, which came out in 2001, is still the second most popular version of Windows – 38.7% of PCs used XP as of the second quarter this year, according to NetMarketShare.

ComputerWorld has projected that 33-34% will still run the OS when Microsoft stops patching it. That’s a stark contrast, Fossen says, to the low numbers using Windows 2000 when it was retired in July 2010 – four-tenths of 1%, according to monitoring firm Net Applications. Even so, there were reports of zero-days targeting Windows 2000 when it was retired, according to ComputerWorld‘s report.

Research by Camwood, a British software consultancy, found earlier this year that just 42% of firms running Windows XP have begun the migration process.

Microsoft recommends leaving at least 18 months to migrate. One in five of the IT people surveyed said that they intended to continue using the operating system, despite being aware of the risks.

An ESET podcast offers some new security tips for the ageing OS here.