Windows XP end of support

I recieved an email saying that Windows XP's support is ending.

I have a computer with Windows XP and I want to know what are the risks on this computer that this page (linked in the email) doesn't talk about.

I am aware they push for a Windows update or a computer change but this computer works well and I am not planning on changing it now or updating to Windows 7/8.

I use this computer for basic web search and mainly Word, Excel...

What should I do to protect my computer from "security threat" and what is this "security threat" exacly?

UPDATE

ramhound and vonbrand pointed out The email I am talking about most probaly is fake and not sent by Microsoft.

I am still in the unknown about what should I do to keep my computer as safe as possible

web-tiki

Posted 2014-03-04T12:11:23.560

Reputation: 131

4Who sent this email? Because it wasn't Microsoft. They don't even have your email. – Ramhound – 2014-03-04T12:20:57.843

@Ramhound Wel it seems like they do. it comes from windows[at]email.microsoft.com and links in it popint to microsoft website. – web-tiki – 2014-03-04T12:25:52.007

3As I said Microsoft is not aware of your email, even if they have it, they have no idea your still using Windows XP. My concern is you have clicked on a link not actually sent by Microsoft. You should never click on links contained in an email – Ramhound – 2014-03-04T12:27:48.783

1It is very"easy to fake the From: line in an email. As @Ramhound says, this might be some kind of online scam (getting you to pay for some "protection") or outright malware installation. Perhaps you should ask here (separate question!) for step by step instructions to thoroughly clean your machine and secure it. – vonbrand – 2014-03-04T13:07:11.833

@Ramhound and vonbrand I understand that this email might be fake, thx for pointing it out and I'll take care of it. this wasn't the point of my question. – web-tiki – 2014-03-04T14:17:04.100

@kinokijuf the question you are pointing to doesn't answer the "what should I do to protect my computer" part witch is main concern of my question. I had already seen it and found it intersesting but I still had no clear answer of what I should do. – web-tiki – 2014-03-04T14:19:21.753

@chadocat See now my answer again. – stderr – 2014-03-04T14:44:42.380

There will be an official pop-up message apparently, see http://www.dailytech.com/With+Windows+XP+Support+Ending+Soon+Microsoft+Uses+Popups+to+Encourage+Upgrades/article34436.htm

– maxpolk – 2014-03-04T17:51:31.597

Answers

This can mean a couple things depending on the context in which you are using the operating system. Obviously security is a big concern, but skipping over this we can look at the usability of the system and applications on it.

Once support ends you won't receive updates anymore. As you can expect it will soon get to the point where you system gets slower as applications add more strain in their system requirements. Obviously there is a benefit of no being bugged for system updates, but they are somewhat important for your system.

It is interesting to read this article How Windows XP end of life will affect your desktop applications.

enter image description here

Update

I found a great article that explains how to maintain the safest xp even after the end of support. See When Windows XP support ends, here's how to keep your PC secure.

Summing up the above mentioned article, the steps to make xp is the safest is:

Install a Anti-Virus.
Update your softwares.
Update Drivers.
Switch Browser(If you're using Internet Explorer under XP, it's time to stop).
Disable Java for Web Browsing.
Switch to a limited Account, or Enable Guest Account.

stderr

Posted 2014-03-04T12:11:23.560

Reputation: 9 300

very interesting article, it seems XP can still live for some time :) – web-tiki – 2014-03-04T14:47:32.097

"Obviously there is a benefit of no being bugged for system updates" That's not an advantage at all. Anyway, you should really elaborate on those steps: they're generic and might have worked even long before the end of support. For example, why should someone switch to a limited account? Is a different browser really more secure? What about disabling Java? Don't expect people to blindly follow someone else's advices, especially without reasoning and explanations. – and31415 – 2014-03-04T17:36:50.603

@and31415 for more information see the article mentioned, I only mentioned what are the steps in the article, in abbreviated form. – stderr – 2014-03-04T17:43:10.113

@DBX8, Can't we simply just update Java instead of having to disable it? – Pacerier – 2014-05-24T15:46:38.190

@Pacerier Disable would be a sensible option, update Java is a good choice too! – stderr – 2014-05-24T15:55:57.720

Let me try to clear up what the "security threat" means for you. Basically, the problem is that existing security vulnerabilities in the OS and related programs (like Internet Explorer) will not get fixed. Let's look at an example:

Example scenario

Let's assume that there is a (still unknown) bug in XP's picture viewer. This bug will make it possible for a specially crafted image file to inject malicious code into your system. So if you click on such an image file, you're computer might get infected with malware.

Now if such a vulnerability were found in, say, Windows 8, Microsoft would release a patch to fix it as soon as they learn about it. So if you use Windows 8 and keep it up to date, you will not be vulnerable to any malicious image files. But if you're still using XP, you will not receive the patch and will still be vulnerable to attacks targeting this specific vulnerability.

Ok, but this was hypothetical, right?

Well, not so much. Microsoft very recently patched a TIFF file vulnerability which allowed arbitrary code execution via malicious image files - for example by viewing an attachment in Outlook.

Oh my. But that's just Microsoft's software - how does this affect 3rd party programs?

Any 3rd party programs which have their own updating mechanism (like web browsers, PDF viewers, Java etc.) will not be affected, as long as you keep them up to date and they don't rely on vulnerable Windows functionality. For example, most browsers have their own image reading code. Still, you don't know for sure if a specific program you're using relies on potentially vulnerable Windows functions.

Bottom line

If you follow the guidelines given in the other answer, you should still be pretty safe for a while. But theoretically, a new vulnerability could surface any day, and would leave your system open to attacks. And even when using virus protection software and a limited user account, there remains a small possibility that a certain security hole makes it possible to bypass all your security measures.

lethal-guitar

Posted 2014-03-04T12:11:23.560

Reputation: 217

Where is this "Tiago's post" you are talking about? – Pacerier – 2014-05-24T15:48:03.963

@Pacerier That was the previous display name. It's DBX8 right now. – and31415 – 2014-05-24T16:22:44.183

If you don't get any updates, some "zeroday" exploits, which browsers have a lot of, could get either worm viruses, or hackers, access to your computer. I do a lot of security and was fooled by a friend on a Java zeroday. Never used Java in my browser ever since :)

Sniffleh

Posted 2014-03-04T12:11:23.560

Reputation: 41

What is a "zeroday"? and I don't realy understand what you mean about java. – web-tiki – 2014-03-04T12:15:49.643

Zeroday is a term for a new exploit, usually not published to "legit" sources. It's not just java, browsers get them without any plugins. google for "browsers zero day" and you'll get the big picture on how insecure this is. this article is from 6 days ago http://www.infoworld.com/t/web-browsers/internet-explorer-snowman-zero-day-spreading-use-alternative-or-patch-kb-2934088-237200 think about getting this in your computer, bad bad zeroday ;)

– Sniffleh – 2014-03-04T12:17:07.073