I’m getting lots of variations on this question, as the day is fast approaching. To be clear, XP will keep on running, but any vulnerabilities that are found in it after the cut-off date will simply not be fixed. It’s kind of like your old ’57 Chevy that still runs great but for which you just can’t get any parts; not to mention leaded gas. You could drive it until it breaks, but then what?
So my knee-jerk response is to recommend that you update to something later. Windows 7 or Windows 8. Trust me, Windows 8 just isn’t that bad.
But I know that’s just not a viable solution for everyone.
So let’s look at what it means to stay with XP.
There’s nothing really new or special that you’re going to need to do to keep XP safe: just things that you should already be doing. Keep your security software up to date. Make sure you’re behind a firewall; be it a router or a software firewall. Install anti-virus and anti-spyware tools; make sure that those are up to date. Basically, use the internet safely particularly when you’re running Windows XP.
It’s nothing new, but it will be more important to keep all that in place.
Of course, if your security software vendors stop supporting XP, you’re going to need to find another right away. Microsoft just announced that Microsoft Security Essentials will keep working well over a year past XP’s end-of-support date. That’s good news, but it does mean that when that additional year is up you’ll need to find a replacement for MSE.
That’s true for any security package you run. As long as it keeps supporting Windows XP, you can keep running it. But the moment that it doesn’t, you need to make sure to find an alternative. I think that, over time, vendors are slowly going to hop off the XP bandwagon.
The security risk that XP will become
The ultimate risk of staying on with Windows XP is simply this: A vulnerability will be discovered that will not be fixed, and malware will arrive that exploits that vulnerability. You’ll then be relying on only your anti-malware tools – and your own common sense – to protect you for as long as you continue to use XP.
Contrast that with the way things normally work.
We tend to focus on our anti-malware tools; but you’re really only relying on anti-malware tools as a first line of defense until a specific vulnerability is fixed. If malware gets to your machine after Windows has fixed the vulnerability that it was designed to exploit, it’s not going to infect you. So the combination of both staying up to date (to get the vulnerability fixes) and running good anti-malware tools (to block any attempts to exploit the vulnerability) makes a lot of sense in general.
The problem, of course, is that with Windows XP, staying up to date will no longer be an option after the cut-off date – those patches to remove vulnerabilities will no longer be provided, leaving your anti-malware tools as your only defense.