An estimated 95% of American bank ATMs run on Windows XP, and Microsoft is ending tech support for that operating system on April 8.

That means Microsoft will no longer issue security updates to patch holes in Windows XP, leaving those ATMs exposed to new kinds of cyberattacks.

If banks fail to upgrade their ATMs to a newer version of Windows by April, customers might be at risk, says CNN. If hackers discover new flaws in Windows XP, those bugs will go unaddressed, leaving attackers free to exploit them.

According to a CNN report, major banks are now cutting special deals with Microsoft to extend life support for their Windows XP machines while they replace their fleet of ATMs. "JPMorgan  bought a one-year extension of service and plans to start upgrading ATMs to Windows 7 at Chase banks in July. Citibank and Wells Fargo said they're also upgrading ATMs, but they wouldn't provide details about their plans. Bank of America did not respond to requests for comment."

Replacing the operating systems on ATMs is a major undertaking, CNN reports. In the United States, there are 210,500 bank ATMs, about 200,000 of which run on Windows XP, according to Retail Banking Research in London. In most cases, banks must upgrade the software one ATM at a time, and some will need the entire computer inside replaced too. Labor included, it's a process that experts in the ATM industry say could cost anywhere between $1,000 and $3,500 apiece.

One ATM manufacturer, Diebold, says banks are using this opportunity to add newer card readers to their ATMs that accept more secure chip-and-PIN cards. Those cards have already been adopted worldwide but have yet to grow popular in the United States, CNN says.

Banks that retrofit their ATMs with new hardware will, in the future, be able to upgrade their entire fleets of ATMs with a click of a button. Modern technology allows companies to push software updates via their networks instead of paying each ATM a physical visit.