Dear, Leo. All of my legal forms are made with a program called Perform. Unfortunately, the company closed a long time ago so there are no updates and it works only in Windows XP. Now I’m now on Windows 8.1 so I use VMware to run XP, SP3 in a virtual machine. And Perform is the only program that I run in it. There is no network connection between the virtual machine and the host system. My question: Since I do not need to connect to the internet in the virtual machine, if I uninstall IE from it, will I be immune to any malware for the virtual machine, of course? Also, is uninstalling IE the only thing needed to isolate XP from the internet?
Unfortunately, there are a number of issues with what you are proposing. I don’t think you are doing anything wrong, per say, but I don’t think you’ll end up as secure as you think you might be. For example, there’s no way I’d ever say you’d be able to make that XP virtual machine immune from malware.
Running XP in a virtual machine is indeed one of my recommendations for those who are required to use XP for otherwise unsupported legacy software – exactly like you are. So far, so good. But as I said, there remain issues.
Become a Patron of Ask Leo! and go ad-free!
First, Internet Explorer can’t really be uninstalled. You might make the icon disappear but the guts of IE are actually shared components within Windows itself.
So, so-called “uninstalling IE” actually does very, very little. Importantly, it really doesn’t improve your security all that much. Those shared components are used by other applications within Windows.
However, let’s say you somehow manage to uninstall IE. Your machine would likely still connect to the internet. The virtual machine has some kind of virtual network adapter that’s probably acting like a real connection to your local network. And from there on, it can connect out to the internet.
For example, utilities like Windows Update that have nothing to do with Internet Explorer will probably still reach out to the internet even if IE isn’t there. Internet connectivity is really kind of built into the operating system and the applications that run on it.
Disable the network?
Now, there is one possibility. As I said, the virtual machine has a virtual network adapter. You can disable that, which would remove the virtual machine from your network completely.
However, I’m guessing you probably have to transfer data between the virtual machine and its host. Or perhaps you print things. Both data transfer and printing are typically implemented using … you guessed it … networking. So turning off the network adapter within the virtual machine might break your ability to easily copy data to and from the virtual machine or to print from it.
Other forms of data transfer
You might think that using USB drives is the way to go: Copy the data to a USB drive on the host machine, then switch the virtual machine connection so that the USB drive is connected to it, and then copy the data off.
Unfortunately, you’ve still broken your protection. Malware can indeed travel via USB drives.
So unless you expect to never, ever transfer data to and from that virtual machine, and never, ever plan to print from within that virtual machine, most of what you’ve described won’t help. And the things that would help will prevent your virtual machine from actually being useful.
My recommendation? Do as little with that virtual machine as possible, of course. And it sounds like you are already doing that by using only your Perform application.
However, do make sure that your virtual machine is running anti-malware tools and that they’re up to date, and that the Windows XP firewall is also turned on.
Uninstall IE if you like and anything else for that matter, but please don’t think that’s buying any significant additional security.