Old doesn't mean less secure, it many times means more secure, but less available to provide multiple services.
Potatoe potato. It's all programers with bad intentions, and the bottom lime is having an up to date OS helps on all fronts.
Old does tend to mean time has worn on it. What I mean by this is that time has been passing and people have discovered the vulnerabilities that exist.
Aquite the contrary Steevo: unlike something like a house or a car, old software (especially widely-used, decent-quality stuff like Windows) are usually more secure than the versions they replace. In the case of XP, a lot of assumptions that made perfect sense in the late 90s to the mid 2000s stopped holding, the most obvious ones being that running with full admin permissions is bad, and that drivers as modeled in Windows NT at the time, were hoplessly broken well and truly beyond repair and sanity.
The result was Vista (a perfectly fine OS if you run in on good hardware), and a side effect of Vista making very deep, extensive architectural changes to how Windows designed, modeled and enforced it's OS and security principles meant that both a lot of stuff broke overnight (especially drivers) and it needed a much beefier machine that what people ran XP on (admittedly some of it is just more features and shine, not OS-related stuff, but I digress).
In recent times, XP has become effectively unpactchable to Mixrosoft, which is why they are charging huge amounts of money for an extra maximum of 3 years from end of support, regardless of the amount of money shoved at them.
I can also point to open-source projects, like OpenSSL, where most of the releases are about fixing some security hole or another, meaning the new version is by definition more secure because an existing security risk has been removed.
Most of our medical office customers (medium to large ones) utilize XP still for their exam-room PC's because of software compatibility or not wanting to spend the $10,000's that it can cost to upgrade the license and upgrade the infrastructure to support it. Honestly with decent AVAM, it is still usable but definitely long in the tooth for anyone outside of the medical or industrial/manufacturing arenas imho. Other places I've seen still use it because of the cost of newer equipment when current equipment is still affordable to service but requiring legacy software. Upgrades have to make dollars and sense to many companies...at least in this region that's what I've seen. Just my two cents. XP is still useful, I don't prefer it by any means...
Yup. Budget and availablity is the issue, and more often than not all together: you're not gonna replace a million dollar microscope because it's interfacing PC is on XP or older, nor will you spend the thousands of dollars getting their devs to update the software. Instead, you work around it by isolating that machine and locking it down so hard it becomes an appliance instead.