We all (hopefully) know that continuing to use Windows XP is a risky business.
The operating system stopped receiving security patches from Microsoft in April 2014, which means anyone still relying on the platform is at risk of being impacted by vulnerabilities that are being fixed in more modern versions of the operating system.
In other words, XP users are living in a state of perpetual zero-day.
But, perhaps you decided to persist with Windows XP, despite the pleas from Microsoft to give it up, and the advice of security professionals.
Maybe you decided to run a freebie anti-virus solution like Microsoft Security Essentials on your XP computers in an attempt to protect yourself from the uptick in vulnerability threats and malware attacks.
Well, now you have an additional problem.
Because Microsoft officially ends XP support for its Malicious Software Removal Tool and updates for Microsoft Security Essentials today.
The key part of the message is written in a tiny font at the bottom of that screenshot, so I’ve highlighted it up and increased the size of the text for you:
The Malicious Software Removal Tool and updates to Microsoft Security Essentials will continue to be provided for Windows XP through July 14, 2015.
As Heimdal Security reports you would be far from alone if you did stick with Windows XP. It is estimated that XP still has around 180 million users (approximately 12% of all Windows users out there).
My best recommendation to you is to stop using Windows XP entirely, especially if your XP computer is connected to the internet. Simply finding an alternative anti-virus to run on Windows XP can only be considered a stop-gap, as the updates will not continue indefinitely.
Instead upgrade to a more recent, properly-supported version of Windows or switch to an alternative operating system.
You’ve been gambling with your security for long enough. Make the change.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
26 comments on “Still using XP? No more Microsoft anti-virus updates for you!”
Advice to those who want to stick with XP or have an older machine and would `like to pump life back into it.
Wipe you XP computer and install XP with the latest service pack, update all your drivers using Device manager, before you connect to Internet turn remote assistance off completely so that it stops the risk of someone using your PC remotely from another location.
Setup a limited user account,. Install Antivirus and Antimalware programs if needed.
There are several browsers such as Google Chrome, Mozilla Firefox, Opera,Comodo Dragon browser. etc.
If you're going to use IE use the latest one and treat it like you would any browser the latest Internet Explorer is (IE8)
Top Antivirus you could try
Run Disc cleanup and Disc Defragmenter on a planned basis.
Make a backup of all your data just in case anything happens to your computer, Be careful what you share, and be careful if you upload anything to your computer.
A computer regardless of the Operating system can be hacked you don't have to be using Windows XP just to get hacked.
XP has a built in firewall and blocks most known incoming connections, make sure you have it turned on, you can also configure it yourself and unless you allow something in your Firewall it will block it ,so anything you don't allow in your Firewall it will ask you for confirmation first.
In each limited account you create with a password, each one of them comes with Data encryption so you can make your folders private. So only you can access them.
You never really need to use an Administrator account, Limited account performs most of the tasks that you can do using Admin.
However some programs need to run under Admin to work, but that's ok because if you install a program that's safe and you use it in you limited account you can just run it under Admin type in your password and away you go, and you hopefully you know the program is safe otherwise you wouldn't have installed it in the first place.
To lessen the risk when you're online use your limited account, your limited account won't run under Admin rights unless you tell it to do so, this means that in this account you won't be able to install anything onto your Computer, but this also means that you won't be able to automatically install a program that could give you a Virus or make your Computer more vulnerable in any way.
Sure security explouiits are always ggoing to be there there are flaws in every system trthere is no such thing as a flawless system and even if there was systems go up and down hill all the time because they keep changing.
The other thing is use common sense when you're online, would you download something with crap reviews?
Would you go onto a dangerous website?
If you're in a business or someone with a lot of important information on your computer try using a Local are network (Lan) instead of a wide are network (Wan). Lan is more secure than wan.
It's not XPS fault if you go onto porn sites, use proxies, click on all these ads honestly a lot of computing is simple common sense.
I do not want any updates for XP, That computer now has Linux Mint, & it is working better than ever.
I am still using XP but I have upgraded to Linux Mint 17. With it I run ALL the Microsoft Software plus the Programs I have written in VB. I have installed Autocad on my Linux System and it not only runs, but it is Much Faster. In Linux I Never get a Blue Screen. Where I live, there thunder storms often and the power goes off. Nothing happens in Linux, except that it boots up normally. Most who bash Linux are either not familiar with this Great OS or have Maybe tried it and did not really put some time into learning all the wonderful things it can do… Virus, in Linux you will ask, What is that…
While I am a long time Unix (SunOS/Solaris and various of the BSDs being the most prevalent) and even Linux user, I want to point out some factually incorrect statements of yours.
"In Linux I Never get a Blue Screen."
Perhaps not, no. But there still exists kernel panics. Maybe you're unfamiliar with it but that says something by itself, doesn't it? Sorry but there are many ways to crash a Linux system (some are incredibly simple even). Just because it might be better at handling some situations does not mean it is perfect (no such thing).
"and the power goes off. Nothing happens in Linux, except that it boots up normally."
Perhaps you're blinded by a graphical bootup screen? I suppose it is common, many that use it these days, never used it without graphics. For the record: things DO happen it is just that most of the time it can recover automatically. If you don't umount ('unmount') file systems cleanly, your system will run fsck (file system check) the next time it is mounted, and it will either fix problems automatically OR inform you that it requires manual intervention. Yes, it can happen, and yes, even when it fixes it automatically, there are problems (sometime all is OK but other times not).
"Most who bash Linux"
Good pun, whether you meant it or not.
"Virus, in Linux you will ask, What is that…"
Does The Morris Worm not ring a bell ? Does the ramen worm not ring a bell ? I could add others of course (and then there are many backdoors, rootkits, trojan horses, keyloggers, list goes on), but the bottom line is you are very ignorant here indeed: the difference is that Windows is a larger target (audience) and therefore is what you hear of most often. I might add that MacOS also sees malware, and guess what OSes (yes, more than one) it is based on ? NeXT is one of them, and I'll let you discover the .. second one.
"..are either not familiar with this Great OS or have Maybe tried it and did not really put some time into learning all the wonderful things it can do…"
My opinion is that most people stay with XP is that they don't want to got to the hassle of moving to a newer Windows OS and reinstalling there old software. So why would they want to do what you suggest? They might as well just move to the newer OS and be done with it.
An unsupported system is ok, if you know what you're doing you're just not going to get any help or interest what so ever from that company anymore.
So why would they want to do what you suggest? they don't have to, but if they are using it and they do make a mistake because they ignored the advice then there's that risk and they can't say they weren't warned.
Any kind of support for XP now is pure luck.
Luckily i'm helping those users a long with others as well.
They might as well just move to the newer OS and be done with it.
Well no, because although some XP systems not all , can upgrade they will run slower with a newer Operating system than a clean install of XP, or a current installation of XP.
So they would need a machine for Vista or higher to cope even then XP would use less resources than a newer system.
Either they restore it all the way back to the start if they can, they do a clean install which would run much faster, or they could go buy a new machine because they couldn't be bothered or didn't manage to get hold of a copy of XP, or they could do nothing it's up to them.
"they do a clean install which would run much faster,"
Funnily enough they could do that with a more recent version of Windows.
"Well no, because although some XP systems not all , can upgrade they will run slower with a newer Operating system than a clean install of XP, or a current installation of XP."
Not necessarily true, either. Besides the fact that Windows 7 was released and besides the fact Windows 8 was also released and besides the fact Windows 10 release date was announced (lots of changes)… just because it is more recent doesn't mean it takes more resource utilisation. You might find it hard to believe but there have been improvements; even I have to admit that, from what I've seen (I don't personally use Windows but I have family that does). That admittance is somewhat painful on my behalf but just like I try my best to use constructive criticism I also will stand up (which includes praise) for those where it should be (they did something commendable or they're being criticised unfairly.. both of which apply here).
"or they could do nothing it's up to them."
Obviously. But if you truly wanted to help you wouldn't be encouraging them to continue using XP (or giving them reasons to believe that using XP is a good idea).
In the end, every computer will eventually die (if used until the end) and over time XP will be more (and more) difficult to run on newer hardware. And besides, when you get new hardware, why would you want to run old software on it?
Terrible advice and frankly it is irresponsible to suggest these things. No one in their right mind would suggest this and no one in their right mind would follow through with it! Yet .. some would, quite clearly.
Think of your own computer(s), first and foremost, then think of the many risks (these are only some and I'll not elaborate on each because there is far too much to elaborate on):
It risks your data and that can end up risking (and actually affecting) your physical safety (etc.) too. Then others are affected indirectly: being a zombie is bad enough (and something you do not want to be part of, surely?); but consider that there is spam (attempts still use resources on the networks as well as servers! and unless you enjoy spam then think of it the other way round), DoS (and DDoS) attacks and those are only some of the bad things.
Absolutely horrible advice.
Even an up to date computer can get DOS/DDOS that's got nothing to do with them being hacked or not getting updates either.
That's to do with the attacker or attackers sending to many requests to a server or website to make it crash.
Even the Xbox one, xbox 360,ps3, ps4 suffered to this attack.
You have no idea who you're telling this to. You also seem to not understand my points. At all.
I wasn't suggesting THEY could be the target of a DoS attack, was I? No. If you read more carefully you'd understand this. You might also understand the other points. Maybe. But you didn't read it carefully.
Btw, your definition of a denial of service condition (attack or otherwise) is very… how to say it… incomplete? It is also factually incorrect: it doesn’t require too many requests (flooding is one method but there exists many different types of floods and also different ways of launching them). It doesn’t necessarily cause a crash, either.
You’re also using the logic that systems that are updated can be attacked so it is a good idea to use a system that can’t be updated. That is flawed.
And now that the most important points are out of the way, let's take a few of your ideas apart:
0. "The other thing is use common sense when you're online"
You should take that advice! I feel very few would think otherwise.
1. As someone else suggested; why would they install XP again when they could instead install something that gets updates ?
2. You shouldn't have remote assistance on (especially unfiltered), full stop; it has nothing to do with XP.
3. "There are several browsers"
I imagine they put that together, funnily enough; how else would they have read this page ?
4. "Top Antivirus you could try"
Even if you consider top being subjective, any qualified person wouldn't tell them to reinstall XP and an AV… That says something itself.
5. "Make a backup of all your data just in case anything happens to your computer"
Backups should be daily; you point this out for 'disk cleanup' and 'defragmentation' but not backup. Backup is far more important!
6. "you don't have to be using Windows XP just to get hacked."
But you have to be incredibly naive and lack serious judgement to be using XP long after it stopped receiving updates. I find it hard to fathom that you would be encouraging they use XP, unless of course you're hoping more do it so more are vulnerable (misdirection in your post?).
7. "XP has a built in firewall and blocks most known incoming connections,"
A firewall typically has ingress filtering AND egress filtering… It also should be far more functional than what you suggest. Proper firewall configuration is really important (bad configuration can be harmful). Just as FYI.
8. "However some programs need to run under Admin to work, but that's ok because if you install a program that's safe and you use it in you limited account you can just run it under Admin"
These contradict each other. If a program has a bug, and it has to be run as administrator, then guess what user (and what it has access to) is affected by the bug? Obviously not the user not running it.
9. "security explouiits are always ggoing to be there there are flaws …"
Yes, and those no longer receiving updates are going to have more of those. Among other kinds of bugs (unfixed).
10. "If you're in a business or someone with a lot of important information on your computer try using a Local are network (Lan) instead of a wide are network (Wan). Lan is more secure than wan."
See my point about egress filtering. Being physically detached from the Internet isn't enough either – if you're vulnerable you're vulnerable. If you consider external media it is even worse!
Unsafe is unsafe. True, there is no 100% but percentages are percentages OF something. The fact you're suggesting these things that are completely backwards (meaning < 100% of what is possible) means you're not improving things but instead making things worse.
OK, so just use Avast or one of several other good AV programs. Microsoft's product was third rate anyway.
I would suggest continuing to use XP. I see no reason to try and upgrade to anything else. XP works fine on my machines and I see no features in the newer operating systems that have any significant value, including their so-called security enhancements. I run antivirus software as I have done for many years and I see no reason to change at this point. if I buy a new machine I might consider moving to Windows 7 but that is about as far as I am willing to go at this point.
"Because Microsoft officially ends XP support for its Malicious Software Removal Tool and updates for Microsoft Security Essentials today."
But… wait! They didn't remove XP yet! That would be the most helpful but I don't see that happening. I'm on the fence of whether this is telling or not.
They didn't remove XP yet? What kind of a wacko statement is that? What are they going to do? Come to your house and remove your XP? What you are running on your machine day to day has nothing to do with MS. Fact of the matter is that they don't know what you're running. Get rid of XP and run Linux instead. Do you suppose that MS will have the slightest idea?
MS has nothing to do with your PC, day in or day out. They are there to make money selling OSs but if you buy their OS, don't install it and go somewhere and fly it like a Frisbee, MS will never know about that either.
Guess what your ISP uses for servers? Linux.
It is called sarcasm. Perhaps you've heard of it?
(And I find it really amusing that you would be telling me about Linux, seeing as how I've used different Unix OSes for the past 20 years…and that I don't own a computer that has Windows, either…)
Edit: Just because you didn’t get it, I’ll clarify a bit: I was calling XP malicious software and simultaneously mocking the software removal at the same time. There were other points but those were the two main points.
Been using XP with no updates for close to 10 years. I do not, will not ever let windows/Microsoft update my OS. No reason to. Haven't had a virus in close to 10 years. I don't click on anything.. at all, unless I'm 110% sure what it is. I do not run any virus/malware etc scanning software, I have none on my machine. Every so often, like once a year, I'll download one of the free ones and run it just so see what it finds… it never finds anything.
Agree. I'm using XP right now with no "protection" and it's fast and so easy. Not like those big intrusive tiles of the later Windows. And I also been using XP for years. What, are we still in a XP Apocalypse standstill.
You are both idiots.
Sadly they won't understand just how much so or even how or why… But yes.
For someone using the computer only for text processing or communicating/gathering information, maybe upgrading from XP to a higher version, is not a bad idea.
But what about people like me, who use the computer mainly for design and controlling external devices, like CNC, 3D Printers, security systems, and others alike, specifically designed to be used under XP? How can I support the expenses to buy new necessary software to run under the new versions of Windows and what should I do with the machines running ONLY under XP? Dump them?? To give up my many years of work only because the guys from Windows want to replace XP with newer versions that simply don't work for me or for millions of users like me? That's crazy!
They "improve" and develop new software on daily basis but the technology doesn't goes this way. A big CNC router for example, costs tens of thousands of dollars, and it runs under XP. For the software developers playing with billions of dollars that's nothing but for me, a simple individual, it's a huge amount of money and I can't simply afford to change my machines every time Microsoft decides to change the OS!!
The narrow minded people from Microsoft should try to see the big REAL picture, instead of focusing only on the development of their products at any price. After all, it seams to me that they decided to simply ignore the real necessities of millions of XP users and go ahead with imposing new Windows versions regardless of the consequences for the users like me. Jerks!
Ending support really is an advantage to them to save money the same for any business.
It's not that different than taking your car to the Garage, and them telling you you need to buy their latest model even though you like your car and for a fact there's nothing wrong with it, and they tell you if anything happens to the car they won't fix it for you , and they'll tell you how rubbish it is that it'll overheat and could risk catching fire and any regardless how much can do that.
Anyway, there's nothing wrong with XP, if you know what you're doing and you know what to do and what not to do and everything is working fine then you haven't got a reason to upgrade.
And i'm pretty sure if you were worried about staying on XP you would have upgraded by now.
No company is going to ring you up in person and thankyou for upgrading.
"After all, it seams to me that they decided to simply ignore the real necessities of millions of XP users and go ahead with imposing new Windows versions regardless of the consequences for the users like me. Jerks!"
Perhaps you shouldn't have used commercial software, then, if you don't want to spend money for updates? You know, there are free OSes but if you can't use them and you dislike the company you bought an OS from, there is another choice: don't use a computer. But you prefer to blame them for no longer supporting an ancient OS; indeed, they are 'narrow minded jerks' in your mind. Ironically, your view is quite narrow minded and you're being unrealistic.
Even if it was only for profit (and it isn't; software can't be expected to be supported forever – technology evolves and you have to adapt and evolve with it or otherwise not have support) can you really blame them? They're a corporation and therefore will have this need for a profit.
And for the record: free software goes through life cycles too for very similar reasons, which means it isn't only about money.
 Eventually you'll understand this: once we start shifting from 64-bit to 128-bit CPUs and/or when your computer dies (and it will in time), you'll have no choice in the matter. Even if you already have a 64-bit computer, there will come a time where you'll have to upgrade and XP won't be updated to support newer CPU families.
AV-Test recommend Avast or Panda as best free antivirus and Panda also get 100% with the latest AV-Comparatives test
Why bother upgrading to more windows, they only want you to do that so it keeps Microsoft in business buying there useless programmes and making even more money F*** microsoft
Oh how terrible! What ever will we do now that Microsoft's useless antivirus system won't work anymore?!