If you are using Windows XP, you have surely received the notice that support ended on April 8, 2014. So what can be done?
- Upgrading to Windows 7 is a good solution if your hardware is good enough, but chances are if you are running XP, your hardware might not meet the system requirements, or even it if it does it might run really slow (although there are ways of making Windows 7 quicker)
- Using Lubuntu (or Ubermix for schools) as a Windows alternative is a possibility, but even with PlayOnLinux (which includes the Windows Emulator, WINE) installed, it does not run as many Windows programs (and those that do run, are not as stable as running in Windows), and its interface is different enough, that less techy folks may find it doesn’t meet their needs.
- So you may be stuck with running Windows XP. That is how we are with Highlands Community Charter and Technical Schools (HCCTS). We have many student machines that have Windows XP licenses, and due to cost, time, and needs, the above solutions just don’t work well.
So, we are in the process of locking down the systems as best we can, and this is how we are doing it. But keep in mind, no matter how well you think you lock down a system, there is always a chance of being hacked, especially with outdated software like Windows XP.
Consider Doing a Fresh Install
There is a high probability that your computer is infected with malware, which can potentially steal your passwords, credit cards, etc. Our experience has been that even after scanning and removing malware with Malwarebytes (currently one of the best tools to catch malware), we still have malware “mysteriously” return. To me this means that Malwarebytes didn’t catch everything, and even if you run every anti-virus program out there, they can still miss things, and so trying to lock down a system that has already been compromised will not work.
Thus, reformatting and installing a fresh copy of Windows XP is a safer option. Be sure to do this behind a firewall, as sometimes you can get infected with malware before you have time to get all the updates! (Yes, this has happened to me, although it was with Windows 2000 a long time ago…) Of course, also be sure to back up your data, and have copies of installation media or downloads for your programs.
Install as Many Service Packs and Updates as Possible
Set Your Main Accounts as Users (or even Guests) and Not Administrators
Windows XP was the first widely used version of Windows to have good multi-user support, with accounts. But it did not have all the protections that came with Windows 7 and above (OK, technically Vista had these protections, but few people like Vista…) By having your primary account being one that does not automatically have administrator rights, you GREATLY reduce the ability for bad software to get installed on your system.
Use Firefox or Chrome in Place of Internet Explorer
Internet Explorer (IE) has had many security holes over the years, and new IE problems found in XP will not necessarily be fixed, and it does not have as many additional security options, features, and add-ons as either Firefox or Chrome. So other than using Internet Explorer to potentially get Microsoft Updates, you should NOT use IE for your general web browsing. Google Chrome will be supported for XP users until April 2015, but Firefox does not currently have an end-of-life planned for XP, so it is the recommended software to use.
With Firefox (or Chrome), you should get several security add-ons, including:
Use a Physical and Software Firewall
This step is probably already done. If you are using DSL or Cable, and you have a router, it is doing a function called Network Address Translation (NAT), which has an upshot of acting like a firewall. If you have DSL or Cable, and you don’t have a router because you only have one computer connected, you should get a router!
Windows also has its software firewall turned on by default. But you should double check it, and if you didn’t do a fresh install of XP, see how many exceptions are turned on.
Install and Turn On Security Software
This is important, but in my opinion, is your other security software (anti-malware). Which software is best to use changes with time, but PC Magazine usually offers useful reviews. Although, there has been some debate about Malwarebytes free version, which does any excellent job of detection, but doesn’t have a real-time scan. Whichever security software you choose, you should consider when it plans to stop supporting XP, and this article has many of these dates listed.
Read Other Lock Down Guides
If you search Google, you will find other guides to lock down XP, such as this one.