Windows XP End of life: Tips to Survive

Windows XP end of life

Windows XP End of Life….Microsoft has released the final updates and patches for Windows XP today (April 8th) and has officially ended support for the operating system. All future security flaws or vulnerabilities will not be patched, which leaves the 20-30% of users still using Windows XP highly susceptible to malware or other malicious infections. The obvious answer to this is to update to Windows 7 or Windows 8.1 operating system, but at this time most of the users still using Windows XP probably have no plans on upgrading to a newer, albeit more secure operating system. If you are amongst the users who wish to continue using Windows XP, then here are some tips we recommend to keep your system as safe as possible

Windows XP System Properties: checking for Service Pack
Windows XP System Properties: checking service pack version

1. Windows Updates: Make sure Windows Update is enabled & set to automatically install all Windows Updates. If you plan on running Windows XP going forward, you had better make sure you have Service Pack 3 installed, or if you happen to be amongst the few running Windows XP 64bit make sure you have Service Pack 2 installed.  To check for updates, go to the Start Menu, select “All Programs” and then Select “Windows Update” and install everything Microsoft lists as Urgent or Important. If you are not sure which Service Pack you have installed, you can check this by right clicking “My Computer” and selecting “Properties” and it will be listed on the “General” tab under “System.” Please refer to the picture to the right for what this should look like.

 

 

2. Microsoft Security Essentials: With the end of support for XP; Microsoft’s free and widely used Antivirus software will no longer receive updates or support. To clarify this only effects those running Microsoft Security Essentials & Windows XP. If you are using Windows Vista, 7 or 8 you are not effected by this change and will continue to receive MSE updates & support until those products reach end of life support. In light of this, all XP users should purchase subscription based antivirus software to stay protected, we recommend Malwarebytes Pro, which will run you $29.95 a year for 3 computers.

MSE End of Support
MSE End of Support

 

3. Start using Firefox or Chrome Web Browser: Internet explorer on XP hasn’t received updates since IE 8 and with the end of support kicking in today, will no longer receive further support from Microsoft. If that weren’t bad enough Internet Explorer is heavily integrated into XP, so any malicious attack on it will most likely infect windows XP as well. To combat this you should switch to a non-Microsoft Browser, such as Google Chrome or Mozilla Firefox and promptly install 2 Extensions (Chrome) or Plugins (Firefox), the first is NoScript and the second is Adblock Plus. Both are available for Firefox or Chrome and can be found from official repositories.  NoScript will prevent active content from running without your permission, thus mitigating the chance of a Java/Javascript exploit or cross-site scripting attack,  and Adblock Plus will remove both pesky and risky ads from websites.

4. Stop Using Outlook Express: Outlook Express is as old as XP and while it has certainly served us well over the years, the fact remains that the mail client doesn’t have the added or updated security to protect you against malicious emails. After April 8th you will be safer using web-mail than Outlook Express. However for those who still prefer a Mail Client, we recommend switching to Mozilla Thunderbird or Windows Live Mail. Although with the discontinuing of Support for other Microsoft Products with XP, we wonder how long Windows Live Mail will be supported on XP Machines.

5.Turn on Windows Firewall: We see it all the time, people on XP love to disable the firewall or blame it for problems they are experiencing. Regardless of your reasons, if your firewall is currently disabled you should enable it IMMEDIATELY! You may also wish to look into a hardware firewall if you are a business still using XP on machines connected to the internet.

Turn on the Firewall
Turn on the Firewall

6. Use Microsoft’s Enhanced Mitigation Experience Toolkit: Microsoft offers EMET to help protect computers from new or undiscovered threats. It is a bit complicated to setup, but Microsoft also has a full user guide available, which can be followed to install & configure it on a XP machine. Kindly note that you will need Windows XP Service Pack 3 to install and use EMET. For those interested, this same tool can be deployed on Vista, 7 and 8 machines as well to help safeguard against attacks that would otherwise gain access to your computer. You can download it directly from Microsoft.

7.  Limited User Accounts: Windows XP had two types of accounts: Administrator, who can install/remove software,  change system settings, and access all files, and Limited, who can’t install or remove software or make system changes. Most infections copy the user privileges of the account they infect, so a virus that infects an administrators account can do far more damage to a system than one that infects a limited user account. While it may seem cumbersome, XP users should create and use Limited Accounts for each user on XP. Administrator accounts should only be used to modify system settings and to install, update or modify software. After these task have been completed administrator accounts should be logged out.

8. Use a HOSTS File to Block Malicious Connections: The HOSTS file can be found in “C:\WINDOWS\system32\drivers\etc” directory. This file can be opened with Notepad and entries can be added to block connections to ads, banners, websites that host malicious content and much more. There is a long list of HOSTS file entries you can find searching Google, if you want a per-compiled list though you can start with MVPS. They also offer a great guide on implementing it for other versions of Windows.

Group Policy Editor: Turning off Auto Play for USB Flash Drives
Group Policy Editor: Turning off Auto Play for USB Flash Drives

9. Disable Automatic USB File Opening: XP Automatically opens all files on a USB Flash Drive once its plugged in. A Business may want to disable this for security purposes, more so than a residential user. However we recommend both users make this change in Group Policy. With all the threats online just looking to put a damper on XP, the last thing you need is someone plugging a USB Flash Drive into an XP machine and infecting it. You can disable this by using “gpedit.msc” without the quotations either from “Run” or “Command Prompt.” Once you open Group Policy Editor you will see a window that looks like the picture to the right. You will need to find  “System” which is located in the left pane under “Computer Configuration” then select “Administrative Templates.” You now need to switch to the right pane and double click “Turn off Autoplay.” A second window will open, which will give you the option to turn it off on “All Drives.” When you are done, click Apply and OK.

10. Upgrade to Windows 7 or Windows 8.1: Okay this last one isn’t really a tip for XP Users who refuse to upgrade to a newer operating system. However, ultimately it is the final step for all XP users and hopefully before disaster strikes. Individuals & Businesses that are using XP online should seriously consider upgrading to a newer operating system. The costs a Business might pay for maintenance alone for the remainder of 2014 could cost the same, if not more than it would cost to upgrade to Windows 7 or Windows 8.1. The only reason to continue using XP for a business is if you have legacy software that is critical to the operation of your business and it not supported on a newer operating system.

Windows XP End of Life support means drastic changes for those still using the operating system. Mystic Hardware understands how frustrating this can be, so we offer a full line of services for Upgrading & Migrating from XP to Windows 7 or Windows 8.1. If you are an individual or business in need of these services, please don’t hesitate to contact us.