I'm an XP lover and while I have moved on to Windows 7, my Windows 7 machines are configured to look like the XP Classic interface as much as possible. I'm pretty happy with these machines for now...

I know that there is another popular DaniWeb article concerning why XP won't die but I wanted to provide some related information about the risks in running XP at this time that some of you may have not considered.

After April 8, 2014, those of you that continue to run Windows XP will no longer have any type of advantage over attackers any longer. Starting in May, specifically May 13, Microsoft will release security updates for supported versions of Windows. For example, there may be security updates for Windows Server 2003. Server 2003 is fairly similar to XP so attackers will be able to reverse engineer those updates, find the vulnerabilities and test them against Windows XP to see if XP shares those vulnerabilities.

If the vulnerability is shared, attackers will attempt to develop exploits that can take advantage of those vulnerabilities on Windows XP. Future security update will never become available for Windows XP to address these vulnerabilities, so those that remain running XP are essentially unprotected. Your antivirus and firewall may not provide you with protection expect. A simple act of accessing an email attachment or visiting a comprimised website could potentially infect your system, bypassing those security products you are depending on.

This doesn't mean that the only option is to move on another version of Windows. This could be an opportunity to look at other popular, open-source operations systems.

If you decide to remain on XP, the only way to fully protect it is to keep it isolated, ensure its off the network and do not install untrusted software.

Recommended Answers

All 14 Replies


So you saying investing in other antivirus software is hopeless? But I still see a lot of people buy antivirus software thinking their computer will be safe. Isn't antivirus is good enough protection with internet security?

Good security uses a layered approach. There is a misconception that having an AV client on your computer fully protects you from malware. That's not necessarily the case.

For example, your unpatched OS can have a vulnerability that can be exploited by you visiting a compromised site as in the case if IE.

Or let's say you have a blank or weak password, AV software isn't going to be of much use there.

Having an AV client is a good thing to have installed but you still need to secure you system with other methods, firewalls at the perimeter network, security patches, strong passwords, user education, etc...

The last two links in that article by Symantec's boss are the important take-away, I think, JM, and are buried in: "check out PCWorld's guides to building the ultimate free security suite and how to protect yourself against the web's most dangerous security traps."

Note that AVG 2014 Free recco by PCWorld, tcll... :)

No matter what AV they have, there is no security for a dead OS. Those AV will not support dead OS forever. So at 1 point of a time you will need to upgrade to the latest Windows. Other alternative to be safe is to unplug the internet line or install Linux and see what it can do.

Thank you so much for the information.
I really benifited by reading your post.

There is a registry edit that can make the computer "think" it is Windows POS version, in which case, those computers are updated for security until in 2019 to my understanding, and I see that registry edit is in the aforementioned link above.

FWIW, at home we all 3 run XP Pro on our comptuers, networked, and into the internet as well. At my work all the computer, save a couple on 7 (which is now dead and John Dvorak HATES 7 btw) and they are all networked, and access the internet.

In Asia probably 50 percent of the computers are running XP of some form or other. Even the Nuclear Powerplants in Korea are running XP. REF: http://www.classicshell.net/forum/viewtopic.php?f=10&t=4259

If you are running XP on a macine that has a 64 bit processor, like we do at home it affords a little more security in the way that that processor works. Also we use Eset NOD32 AV that updates quite often and sometimes even more than one time in a day. Very good protection at work and home and we are pleased.

At home I dual boot my desktop with 8.1 and XP. Gives me a chance to run it and I use Classic Shell that makes it look and behave a lot like XP. Since I moved the folder "Favorites" to another drive and the "My Documents" from where it was in c:\Documents and Settings\username\ to a whole different drive (I have 3) then I can share documents and links back and forth from XP AND in Windows 8.1. I just provide shortcut links in the proper documents to the drive that has the "MY Documents" folder. EG. in the Videos of 8.1 is a shortcut link to the drive and folder that has My Videos in the other drive. If I save a new video there when in 8.1, I can also see it as well when I boot into XP.

The risk of running XP is high, most likely you will be exposed to lots of attackers

Bullshit. Running XP for several years now and even at work they have XP Home and a couple have XP Pro version. Internet capable all, and no attacks. Where is the facts that support such a claim that risk is high?

commented: ah yeah good old xp times +2

Where is the facts that support such a claim that risk is high?

In certain pentesting distribution, breaking into Windows XP SP1 is as easy as double clicking an icon and inserting IP, your AV might react, but then again, there are surely people who are more capable than just doubleclicking (like me). And it's definitely higher amount than people being able to break into Windows 8.1

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.