Windows XP

This page is a starting point for anyone still using Windows XP. That includes people who plan to keep using XP after its support ends on April 8, 2014, as well as those who plan to upgrade to something else.

If you’re brave enough to keep using XP after support ends, there are a few things you need to know or do.

Stop using Internet Explorer

Internet Explorer on Windows XP will no longer receive security updates after support for XP ends. Even if you’re using IE 8, which is still supported by Microsoft, any new updates for IE 8 will be unavailable to XP systems. Do not use IE to browse the web, as you are guaranteed to end up with malware. Use Firefox or Google Chrome instead.

You should also change the default web browser from Internet Explorer to something else. Both the Firefox and Chrome installers will ask if you want to do this. Once you do this, clicking on a web link in email or anywhere else will open your new default browser instead of Internet Explorer.

You might want to consider disabling Internet Explorer completely. You can do this by going to Start > Settings> Control Panel > Add or Remove Programs > Set Program Access and Defaults. Click the down arrows to the right of the ‘Custom’ entry, select your new default web browser if you haven’t already done that, and clear the ‘Enable access to this program’ checkbox next to Internet Explorer. Then click OK.

Disabling Internet Explorer will remove shortcuts to the browser from your Start menu, desktop and Quick Launch toolbar, so you’re less likely to run IE by accident, but you can still run IE from the Run dialog by entering ‘iexplore’. It also won’t stop you from running Windows Update or Microsoft Update, so you can still get access to updates you haven’t yet installed, hardware drivers, the Microsoft Malicious Software Removal Tool (until July 15, 2015), and Security Essentials updates.

Disable or stop using Flash

Adobe Flash on Windows XP will no longer receive security updates after support for XP ends. Regardless of the web browser, you should avoid sites that use Flash, including Youtube.

Run as a regular (non-admin) user

Security professionals have recommended it for years, but now it’s of vital importance that you stop using Windows XP logged in as Administrator (or any other user belonging to the Administrators group). Doing this will not protect you from everything, but it does help. Running as a regular user makes it more difficult for malware to install itself on your computer, since technically only administrators can install software.

If you’re running Windows XP as a user other than Administrator that has admin rights, just remove the user from the Administrators group. If you are running as Administrator, you’ll have to create a new user, which means you’ll lose all your customizations and program settings, which is going to be annoying.

Install good anti-malware software

Nothing much has changed here; running good anti-malware software has always been a good idea. What’s changed is that if you’re using Microsoft Security Essentials, you should think about switching to something else soon. Microsoft says that they will stop providing updates for MSSE on July 14, 2015. There’s a list of good alternatives at the No more updates for Security Essentials on Windows XP after April 8 post.

Get behind a router/firewall

At this point, most computers running Windows XP are probably not connected directly to the Internet. At home, Internet service providers almost always install routers between customer computers and the Internet. Newer modems include router functionality. Businesses almost always use routers to protect the local network and provide network connections for multiple computers.

Most routers include integrated firewalls. While it’s true that some routers provide better protection than others, and some are very insecure by default, most provide a significant level of protection against Internet-based attacks. Computers inside a router are protected because of Network Address Translation (NAT), which makes it difficult, if not impossible, for anyone on the Internet to see what’s on the local network, much less attack it.

If you’re not sure whether your Windows XP computer is protected by a router, do the following:

  1. Press Windows-R on your keyboard to open the Run dialog.
  2. Enter ‘cmd’ and press Enter.
  3. At the command prompt, enter ‘ipconfig’ end press Enter.
  4. Look at the entry for ‘IP Address’. If it starts with ‘192.168’, then you’re inside a router.
  5. Navigate your web browser to whatismyip.com. This site will display the IP address of your connection to the Internet. If it’s not the same as the address shown by ipconfig above, then you’re almost certainly inside a router.

The Ouch! newsletter for March 2014 (PDF) provides a useful overview of what you need to know if you’re still using Windows XP. Ouch! is written for users.

Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.