9 Tips for Securing Windows XP After End-of-Life

Microsoft Windows XP will no longer be receiving anymore security updates beyond April 8, 2014. What this means to most of us who are still on the 13-year-old system is that the OS will be vulnerable to hackers taking advantage of security flaws that will never be patched.

According to Net Applications, 30% of the world’s PCs are still running on Windows XP. That is a huge bulk of the market, a portion that cannot be neglected. Microsoft and other security vendors have been actively encouraging users to migrate to the latest OS, where security updates are regularly issued, but for some people, this is not possible.

No matter what their reasons are, even though they may run into security risk because of the ended support, there are several ways to mitigate most of risks and to reduce the chances of being attacked. Here are 9 tips to help you survive the end-of-life for Windows XP.

1. Back Up Everything, Every time

Not a tip specific to Windows XP but a valuable one nonetheless. It should be emphasize that although the tips here will help you mitigate risk, they will not eliminate them and therefore, having a regular, working backup is crucial in case anything goes wrong.

Make sure you back up what you cannot afford to lose, properly and securely if case your XP machine runs into an exploit that could corrupt your data. XP doesn’t come with its own backup tool but there are multiple ones available online.

2. Keep Your Antivirus Updated

XP may not be getting any updates anymore but that doesn’t mean that it won’t be getting antivirus updates. The majority of security vendors will still be providing update to their software running on XP, including Microsoft’s own Microsoft Security Essentials (MSE).

This won’t help you if an exploit targets a vulnerability in the operating system but will protect your system from day-to-day malware.

3. Don’t Use Internet Explorer

Internet Explorer 8 was the last version of IE to be released for Windows XP. The OS never got a newer version of the web browser so XP is stuck with an outdated and unguarded attack gateway via browser.

If you are on Internet Explorer, but have the option to change to another, more modern and secure browser, consider changing to browsers like Mozilla Firefox or Google Chrome. Unlike IE, these browsers are still being maintained for XP and will be for the near future.

4. Remove Java, Adobe Flash and Reader

Many security breahes nowadays use third-party plugins as an attack vector, with Java, Adobe Flash and Adobe Reader being the usual suspects. If you are not using any of them on a regular basis, remove them completely and you will remove the biggest attack vector on your computer.

However, if you still need them because of the good work that they do, compromise by installing only the Java functions you need; opt for HTML5 or use click-to-flash add-ons to replace Adobe Flash and do consider third-party PDF readers that are available for free online.

5. Choose Your Software And Keep It Updated

Installing third-party software will always introduce a new attack vector into your PC so choose what you install carefully. Remove those that are no longer being used. Also, make sure you keep those programs updated as developers will always add in bug fixes and patches with the latest updates.

6. Always Scan Your USB Drives Before Connecting

Perhaps the most common way to spread malware is via the unassuming USB drive. Computers you find in colleges and cybercafes are common victims of USB-transmitted malware as they are passed around unawares by one user to the next. If you have no idea where that USB drive has been, always scan it before using them with your XP machine.

7. Use A Limited Account

A study done by Avecto states that 92% of severe vulnerabilities reported by Microsoft can be mitigated by removing admin rights from your account. An attacker can only execute an exploit if they can get the access to do so and using a Limited account is the easiest to block them.

Consider creating a Limited account (find out what a Limited account is here for your day-to-day activities as most of the time you will only be using your admin rights to install or update programs on your computer.

8. Use XP In A Virtual Machine

Here’s another reason many users are reluctant to upgrade their Windows XP to a newer OS version – they lose out on the third-party software that they are using on their Windows XP because a newer version is not available on the latest OS; or they have to repurchase a newer version.

(Image Source: Ars Technica)

If this is the case with you, consider running third-party software on a virtual machine. This will put the OS in its own self contained system within your computer. Microsoft provides a free "XP mode" for those who have Window 7 Professional and above. If you don’t have the version required, try VMware Player, which is free for personal use (you will need a copy of XP to install).

9. Disconnect From The Internet Completely

When all else fails, and you are bent on keeping your XP machine unchanged, consider cutting off all connection between your computer with the World Wide Web. If you take this route, you can ignore the majority of the tips mentioned above. If the only reason you are running XP is to support legacy software or hardware and you don’t need the internet, simply disconnect.

(Image Source: digitalprotalk)

This will remove virtually all the ways that an attacker can exploit your computer. If they can’t reach it, they can’t attack it.

Conclusion

By following these simple tips, you will be able to reduce the risk of your XP machine being compromised. However, the best way to be safe is to move on to a modern operating system. If the newer Windows isn’t to your liking, consider switching to a Linux distro as they have advanced a lot when it comes to ease of use, plus they are generally safer than the Windows family.