As the curtain slowly closes on Windows XP support (RIP: April 8, 2013) each security update that Microsoft provides becomes more and more important – particularly for those who may need to use the decaying OS after its end-of-life. But, until that date, Microsoft is still providing updates.
A very critical update is coming as part of this month's Patch Tuesday. A vulnerability in Windows XP with Adobe's PDF file format can cause computers to be completely taken over. In a blog post (Attack Exploits Windows Zero-Day Elevation of Privilege Vulnerability), Symantec talked about this vulnerability way back in November 2013. At the time, no patch was available from Microsoft to plug the security hole, only a workaround.
Windows XP remains the most unsecure operating system still in use today. Even with added updates, there's no guarantee that the OS will ever be as secure as more modern operating system versions. After April 8, 2014, Windows XP, itself, will become the biggest threat in any environment, since no further security updates will be made available. The only recourse at this point is to move steadily away from Windows XP to either Windows 7 or Windows 8.
Incidentally, this same flaw also affects Windows Server 2003, which also reaches end of support on July 14, 2015. Microsoft has stated a patch for Windows Server 2003 will also be released, possibly this month.