[Closed] Windows XP. Will I die?

You'll probably be fine. Over time as exploits are found they will become vulnerable but chances are you'll be ok for a few years.

The NHS, on the other hand, have over a million devices still running windows XP and have just given Microsoft another £50 million to carry on supporting them for another year...

1... no but your computer might
2... yes if you can, might be easier just getting a new cheap computer or laptop with windows 7 on.

All depends on how much you value whats on those computers. If they get infected with malware in the future and they become unusable can you do without them?

1. Yes, eventually

2. I really wouldn't want to do anything confidential, like internet banking, on a machine that has been abandoned in terms of fixing security holes. If you need a machine that can be trusted not to be infected with malware then I would say yes. Some will suggest installing Linux in place of XP on the machines to allow you to keep using the machines. If you have some time and patience and only use the PCs as browsers* then this might well be a viable alternative.

* Yes, liunx can do a lot more than that, but it is fairly simple to convert to using it for simple tasks, the more you want to do the more you will need to geek up.

Right. Thanks for that. Bearing in mind that I’m a bit of a luddite I have a 3rd question. I’ve got an XP machine that I bought from my previous employer. It is clean and has nothing on it except Office 2007. This will become my wife’s new PC as her old one is becoming increasingly unreliable.

3) If I were to upgrade from XP to Windows 7 would the Office need to be reinstalled?

One thing I spotted the other day that no-one seems to be talking about,

When XP retires, the updates for MSE XP will also stop.

3) If I were to upgrade from XP to Windows 7 would the Office need to be reinstalled?

If you do an in-place upgrade over the existing install then no, is should Just Work. Run the Upgrade Advisor first, make sure you don't get any surprises.

If you do a wipe and clean install then yes, you'll obviously need to reinstall it. If you get the licence key and media first, there shouldn't be anything stopping you from doing so.

3) yes, AFAIK anyway. The upgrade is eefectively a new installation; it'll keep your old windows stuff in separate folder I think, but you can't run programs from there

bows to cougar's [i]actual[/i] knowledge

^^ that would be a parallel install. You can upgrade in situ, which should dodge that bullet.

(IME though, it takes a hellishly long time.)

Of note also is you can't go from a 32-bit XP install directly to W7 x64, if that matters (which it shouldn't on an older machine).

I would think you will need to reinstall. Make sure that you have the CD key you can find it by running a keyfinder (Magic Jellybean or similar)
You can then download a backup copy of the Office 2007 install files.
[url= http://office.microsoft.com/en-gb/products/download-back-up-restore-microsoft-office-products-FX103427465.aspx ]Office Backup Media download[/url]Its right at the bottom.

[url= http://windows.microsoft.com/en-GB/windows7/help/upgrading-from-windows-xp-to-windows-7#T1=tab01 ]XP to Win7 uppgrade advice.[/url]

You'll probably be fine. Over time as exploits are found they will become vulnerable but chances are you'll be ok [s]for a few years[/s] until next month's Windows updates are reverse engineered and used to attack XP.

The only unknown is what patches will be released in the future for existing vulnerabilities, how severe they are, and how they will be used to attack XP, ie8, Office 2003 etc.

So in summary you may or may not be totally screwed.

afaik yes you will need to reinstall all your programs or at least I haven't found a way of not doing so and it seems to be what MS says

http://windows.microsoft.com/en-us/windows7/help/upgrading-from-windows-xp-to-windows-7#T1=tab01 "You'll need to reinstall your programs by hand after installing Windows 7."

I'd love to know it there was a way of avoiding that though

If you are keeping XP then I think you need to change your AV soft as MSE is stopping for XP as well. Avast seems a good option

edit:muddy_bum beat me to it

Urgh. I hate computers.

This thing will only be used for home accounting, internet browsing, and (most importantly) on-line banking.

I can buy a download copy of Windows 7 Home Edition, but don’t want to lose MS Office. The machine was bought from a former employer with Office pre-installed and I don’t have the discs.

If I was to ditch MSE and replace it with AVAST would/should that keep it safe? We’re not interested in running the latest software or games, we just need it for home finance Word and Excel.

Short answer is a no. You need to ditch XP, and if you're using them ie8 and Office 2003 as well.

Home accounting, internet browsing and online banking from an XP machine are exactly what the bad guys want you to do.

Stay safe out there guys 8) 😉

Do you definitely want to stick with office? I was annoyed to lose my ancient office install when I went to 7 but I just switched to openoffice, which is mostly equivalent. Has occasional weirdness mind.

Have a look at Google Docs and Open Office, if your just doing basic stuff you probably won't notice the difference. Support for office 2003 also ends today.

If the specs will allow it head for Win7 then look at the office options above or Office 365 is 80 quid a year for up to 5 pc's at home. It's fairly cheap for what it is.

I can buy a download copy of Windows 7 Home Edition, but don’t want to lose MS Office. The machine was bought from a former employer with Office pre-installed and I don’t have the discs.

You need to get the license key from your existing Office install using: http://www.pcworld.com/article/231588/magical_jelly_bean_keyfinder.html Then download the tar ball of the installation DVD so you can re-install it and then enter the key.

It might work, depending on the office version...

Actually I might have a set of Office 2000/2003 OEM install discs at home you can have (assuming I can find them).

Accounting and online banking, def ditch the XP
Open office is free, might do everything you want you may just need to learn some new buttons/process.

If you have a spare hard drive (if not it's arguably worth buying one anyway and keeping the old one "just in case") install linux and open office on that and see if it does everything you want - linux plus an office package is generally pretty easy to install nowadays. If not buy win7.

Actually I might have a set of Office 2000/2003 OEM install discs at home you can have (assuming I can find them).

Support and security patching for Office 2003 ends today so it's just as vulnerable as XP.

Not really, XP is connected to the Internet (if you're online), whereas Office isn't, so you have to download something first and open it with Office to be exposed....

bows to cougar's actual knowledge

... which was wrong. I really shouldn't give out advice pre-coffee.

Ignore what I said above. You can't do an in-place upgrade of XP straight to W7 (you'd have to go via Vista if you [i]really [/i]wanted to do that).

When XP retires, the updates for MSE XP will also stop

Not quite. The MSE XP application will be retired but if you already have it installed then virus signature updates will continue "for a limited time".

Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP on this date. (If you already have Microsoft Security Essentials installed, you will continue to receive antimalware signature updates for a limited time.

With a bit of luck I'll get a new computer at work 😀

My mother uses an XP machine to buy train tickets etc. She's got AVG installed as well, but on the other hand, she seems to [i]love[/i] dodgy toolbars. How much of a ball-ache would it be to upgrade her?

Her computer, I mean.

Some will suggest installing Linux in place of XP on the machines to allow you to keep using the machines. If you have some time and patience and only use the PCs as browsers* then this might well be a viable alternative.

On the subject of Linux, you can now get Google Chrome for Linux which will mean you can effectively use Linux as a Chromebook. Almost all functionality of Chromebooks is available through the normal Chrome browser.

Someone should release a distribution like this.

EDIT I should've searched better.. apparently there is one called Cr OS Linux http://getchrome.eu/download.php

We had the same problem. Old (12 years or thereabouts) desktop that my eldest uses for Internet and stuff. Since she's trying to explore the entire web through the power of Tumblr, we decided XP wasn't a good OS option.

Machine is so old and pretty clapped out (state of the art when we bought it!) we've donated it to charity and bought a spanking new Toshiba Laptop with Win 8.1. Easy decision as desktop needs a new HDD and a copy of Win 7 or 8. And the thought of downloading it off microsoft with a 2mb internet connection wasn't appearing....

Right then, weighing things up this is going to cost me about £400 to replace a perfectly good (if a little old) XP PC with a Windows 8 one and get Office 2013 to replace the 2007.

You can't fault Microsoft's business model.

I'm just glad that the motor manufacturers don't do the same or next year we'd all have to scrap our cars because petrol and diesel have been ditched and the new fuel is Tizer.

At this point I would really like to meet the CEO of Microsoft and stand on his throat.

You can't fault Microsoft's business model.

*if win 8 is an upgrade.

But it still works!

I know, progress and all that, but allow me to be a little pissed off.

What next? Bike manufacturers making our wheels obsolete?

just how old is this machine?
i'm happily running 7 on an atom based netbook with 2gb of ram. it's about 5 years old and came with XP.

I'm just glad that the motor manufacturers don't do the same or next year we'd all have to scrap our cars because petrol and diesel have been ditched and the new fuel is Tizer.

Don't most cars have a parts support lifespan of 10 years?

just how old is this machine?

Probably 8 years. It is my old works computer, so the spec is quite high. Don't know how long it will last so it probably makes sense to get a new one in the long run.

Don't most cars have a parts support lifespan of 10 years?

Not quite. The MSE XP application will be retired but if you already have it installed then virus signature updates will continue "for a limited time".

I may be wrong / misremembering because I was addled when I saw it, but I had a pop-up from MSE a few days ago warning that it was going to be unsupported.

TBH though, it could have told me that the moon was made of fish and I'd have gone "oh, ok."

Right then, weighing things up this is going to cost me about £400 to replace a perfectly good (if a little old) XP PC with a Windows 8 one and get Office 2013 to replace the 2007.

You can't fault Microsoft's business model.

Or you could do what everyone else has suggested, and install W7/8 on what you have, then reinstall Office 07 or LibreOffice.

I don't really understand the implication that you're somehow being stiffed by Microsoft because they're no longer actively developing a twelve year old OS that's been superseded three times. There's nothing stopping you upgrading, or not upgrading, at your discretion.

By which time they have worn out. Unlike my perfectly good PC.

Your PC will continue to function exactly as it does today until it falls over. This will require you to take more responsibility for avoiding things which will shorten the lifespan of the machine. What you're asking is for them to keep making replacement components and giving them to you for free forever and ever.

You definitely don't need a new PC. Worst case is you need to buy W8, which will run fine.

There are plenty of alternatives.

I know, I know. I’m just having a whinge!

I’ll see if the old PC can take Windows 8 and take it from there.

[url= http://www.aria.co.uk/Products/Software/Operating+Systems/Microsoft+Windows+7+Home+Premium+SP1+64-Bit+DVD+-+OEM+%5BGFC-02733%5D+?productId=38272 ]win 7 home premium?[/url] I've only dabbled with win8 on other peoples PCs but I hate it. 8.1 on a touch screen system is supposedly "alright" but I'll probably be sticking with 7 for a while yet.

http://www.zdnet.com/windows-xp-support-ends-survival-tips-to-stay-safe-7000028188/

this is all good advice if you are going to stick with XP

you could easily install linux mint on the spare space on the disk and use this for internet banking etc but you'll still be able to boot to XP if you need something windows specific

and
http://www.zdnet.com/linux-mint-programs-for-windows-xp-users-7000028049/?s_cid=e505&ttag=e505&ftag=TRE0fb9d06

We have a newish laptop with xp and unfortunately I don't understand 90 per cent of this thread - I am not tecchie at all!

Can someone please gently explain in simple terms what we should do - don't want to buy new as it's almost new! We long ago stopped the Microsoft updates as they just hammered the hard drive - most of the time now it's running constantly and takes forever to do anything.

Simple words please.....! Thanks

Right. Microsoft Windows is an operating system. They keep changing the version - XP came out a long time ago, then Windows 7, now Windows 8. You can buy Windows 8 on a CD from a shop and install it.

Because XP is now so old, Microsoft have stopped making updates for it. So if some nefarious type finds a NEW way to hack into your computer or give it a virus, no-one's going to bring out an update to stop this happening.

You are still *pretty much* safe, as long as you follow common online sense. You may install W8, it will probably work but may not depending on how puny your laptop is.

You could also install Linux which is another operating system that is free. It comes in hundreds of different versions, some of which are friendly, some of which are not. I would not normally recommend it for a non-techie but it's preferable to binning a working laptop and spending money on a new one. IF you only want to surf and email etc then it can be pretty easy. It will work well on old machines.

There are various reasons why your current machine is thrashing its hard disk and taking ages - too complex to go into but it's probably due to you having installed lots of software that's taking up RAM and you not realising it.

Tonight I'll be investigating a form of Linux that I might feel confident in recommending to non-techies...

Right. Microsoft Windows is an operating system. They keep changing the version - XP came out a long time ago, then Windows 7, now Windows 8. You can buy Windows 8 on a CD from a shop and install it.

You forgot about Vista.

Molgrips - thanks , I really appreciate that. Was reading this thread in complete bemusement!!

Oh yeah, Vista 🙂

If you're in either London or Cardiff I can help with your PC if you like.

We long ago stopped the Microsoft updates as they just hammered the hard drive

Like any bit of software there are mistakes, bugs, errors and security holes. Some of these only become apparent many years down the line. These are the ways people use to exploit you and to get into your PC. When vulnerabilities are found MS has worked to fix them and releases updates/patches/fixes through windows update. This is what they have stopped doing.

So after upgrading run Windows update and set it to install updates.

Thanks again molgrips. Am in the chilterns, so a bit outside London. Good riding, but we are carrot crunchers a but wit all this new technology!!

ooo, i'd recommend win7 based on my experience ( see above ).
i'm sure 'a' version of linux would be fine for a non-techie, probably, as would win 8.1, but 7 is similar enough to xp to make it feel familiar coming from xp, is very stable, and is modern enough that it'll be supported for a goodly while yet. it's a decent, reliable operating system IMO.

So I've just updated from Xp to windows 7 using a disc I got off amazon for 49 quid.

It all seems to have gone smooth enough although now when viewing this forum all the thread titles are underlined ??

Any ideas ?

browser?

[quote=molgrips ]You are still *pretty much* safe, as long as you follow common online sense.

Phew - I was thinking of giving that advice, but wondering if I was missing something.

Question for those who might know more about this than I do - given a firewall in my router and taking a lot of care in what I download and install, are there actually any real vulnerabilities which can be exploited? I'm coming from the perspective of having never had a virus detected on a computer I've owned (I've had Windows PCs for almost 20 years). Is it possible for a hole in the TCP/IP stack to be exploited by malformed packets which get past the firewall, and does that actually ever happen? I'm assuming that the vast majority of attacks exploit some human vulnerability, but not sure if that's naive.

The other thing which occurs to me is that if there is such a vulnerability open to attack, it's not beyond the wit of the community to provide some protection for it if Microsoft won't.

FWIW I no longer run XP since my print server died (now using a RPi for that), but we have XP on VMs at the local school - was discussing this today and we're happy that given how heavily firewalled it is and that the VM is dynamic (ie it is loaded from a gold image which only the admins have access to, and can be restored from backup in <5 minutes) we are pretty safe. Though we will probably be moving to W7 in the next few months - all sorts of issues with compatibility there though, given some of the school software is from last century.

Surely antivirus software should be protecting a computer? Whether it's MSE or another provider?

Aracer, you are broadly right. I surfed for a year or more on a computer with no AV (but a firewall and up to date software and OS) and got nothing. However I did get the malware attack that was on a page in an STW post on a different computer, I think it was not detected though because it was a script on a website.

Well, it's as aracer says. Where is the threat?

A fully patched Windows XP installation is a mature piece of software. It's had twelve years of iterative patching to prevent exploits such as hostile websites.

Third-party software exploits are patched by their respective vendors. This is down to them to continue to support independently of Microsoft. By a long way, out-of-date Flash and Java installs are the biggest source of exploited code in the Windows environment, and uninstalling /patching these will make a big difference to your security. Whether they continue to be patched once MS drop XP remains to be seen.

A hardware firewall (to wit, your Internet router) will stop the bulk of 'drive-by' Internet threats.

Safe computing practices (ie, not clicking on stupid shit and reading the text of software installations properly) will stop most user-initiated malware.

What's left? Not a lot. "Should" AV be installed? Well, yes, it should, but with the caveats above the practical risks in not doing so are probably lower than you think. When was the last time anyone actually got a virus that couldn't be attributed to user error or a poor patching regime (which is, hey, user error)? What we're really talking about then is new threats, zero day exploits, that sort of thing. These [i]should[/i] be few and far between, but as we've seen today with Heartbleed problems can still surface even in established software.

Plus, AV vendors may continue to support XP even if MSE doesn't. There's a big market out there for the one that does.

I bet there won't be (m)any that do it for free, mind.

[quote=Cougar ]What we're really talking about then is new threats, zero day exploits, that sort of thing. These should be few and far between, but as we've seen today with Heartbleed problems can still surface even in established software.

Ah well, I'm still worried about those - I'm far from convinced they will be non-existent (as pointed out in various articles, any sensible hacker will have been saving them up waiting for support to end). The question is what the attack vector is, and whether you're only at risk if you download dodgy stuff.

Presumably the malware attack on a page here was a javascript attack, so relies on that being patched rather than Windows, and if not then it's the browser which is an issue. I'd be a lot more worried when there is no longer a supported browser available for XP.

Though thanks for the general reassurance - being an IT person who should know about stuff like this (I have even worked on internet security, though not directly on this sort of thing) I was wondering whether I was missing something.

[quote=Cougar ]I bet there won't be (m)any that do it for free, mind.

I can't see any reason why they'd stop now - if it was worth doing before it's still worth doing - maybe when the user base is a lot smaller, but that's going to be a while yet. I'd expect browsers to become unsupported sooner.

Presumably the malware attack on a page here was a javascript attack

I'd love to know how it worked. What it actually did was to install a proxy server on my machine and set my proxy settings in my browsers to localhost. The dodgy proxy then redirected everything to a site that asked me to click here to do something.. forget what - something like clean my machine of viruses maybe (ironic). Crude, but I do wonder how it managed to do that.

I can't see any reason why they'd stop now

I can't see any reason why they'd continue.

OTOH, with the departure of MSE I can see why they might all decide to start charging for support for a dead OS.

my browser is chrome.

[quote=Cougar ]I can't see any reason why they'd continue.

The same reason they do now, and the same reason they continue with free support for other OSes.

Amazingly there are still websites tun by Windows 2000 and NT!

http://www.zdnet.com/xp-servers-still-powering-6000-websites-7000028238/

[quote=footflaps ]Amazingly

Not really - I'm disappointed they didn't have figures for NT3.51 and earlier (I'm making the naive assumption that nobody hosts websites on 95 or 98!)

you'd have to go via Vista

If I had an elderly, not particularly powerful or fast, netbook that I wanted to keep running at minimal cost for a bit longer, and if possible avoid as much MS bloat as I can while still being kept safe, someone tell me why I don't just get Vista for a few quid and stick that on it?

Your money would almost certainly be better spent on a 1Gb > 2Gb upgrade and Linux. However, I'll stand up in front of the STW Masseeve and say that Vista is a decent OS if you set it up sensibly.

I'm sitting here typing on a Vista machine, so with you on that one, Cougar (it works well enough that I feel no need to upgrade to 7). My understanding is that a lot of the reported problems were due to running it on machines with too low a spec. as it needs more oomph than XP, but fine with a powerful enough machine - the big advantage of 7 being that it is better optimised for low end machines.

That and the first incarnation of UAC was immensely irritating, but that's (safely) fixable.

W7 is probably the first version of Windows LESS resource hungry than its predecessor.

Afraid I took the easy option...[url= http://www.tier1online.com/1-gc760av-abu/cheap-refurbished-desktop-dc7800-sff-core-2-duo-2-33ghz-2gb-80gb-dvd-windows-installed-64-bit ]CLICK[/url] 😀

For £100 its hardly worth the hassle in trying to upgrade our old Optiplex. The 4gb of RAM is the same type & 250gb HDD I put in this machine can go in a caddy as a back-up drive.

Happy to use Open Office or Google Docs for software.

[quote=Cougar ]That and the first incarnation of UAC was immensely irritating, but that's (safely) fixable.

Yes it is, and I hadn't realised it was fixable - any tips or links?

I've a registry hack I crufted which fixes UAC without breaking it, in direct defiance of The Internet. Email me.

Ed, I'm running 7 on a samsung n110 with 2gb of ram. gets a bit laggy trying to run videos in HD, but aside from that runs very happily. far better than xp, which is what it shipped with. given the number of issues colleagues had with vista, and given it probably requires similar resources, i'd just jump to 7 if you're upgrading from xp.

Vista UAC fix.

Copy the following text into Notepad, save is with a .reg extension (you'll need to change "Save as type" to read "All Files" or you'll end up with filename.reg.txt) and then run it. It'll amend the behaviour of UAC so that it still works but is much less chatty and annoying.

There's plenty of people on the Internet advising to disable UAC. This is a Really Bad Idea as doing so also quietly disables a lot of other security measures and safeguards.

[code]
Windows Registry Editor Version 5.00
[/code][code]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000000
"ConsentPromptBehaviorUser"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"UacDisableNotify"=dword:00000001
[/code]

Thanks - nothing there which looks at all risky (though I might as well do it in regedit [Windows needs your permission to continue 🙄 ] and save current values whilst I'm at it).

[quote=Cougar ]There's plenty of people on the Internet advising to disable UAC. This is a Really Bad Idea as doing so also quietly disables a lot of other security measures and safeguards.

Indeed, which is why I still have it on despite it being intensely annoying.

[quote=aracer ]regedit [Windows needs your permission to continue ]

Not any more 🙂

yeah nothing like removing the sandbox protection to increase security.

You're absolutely right. It's nothing like that.

There is, of course, a slightly increased risk in that Windows is no longer asking "are you sure?" every five minutes and just getting on with it. However, this is almost certainly mitigated by the fact that most Vista users will by now have developed an involuntary twitch which unquestioningly agrees to the UAC dialogue every time it appears, rendering it pointless anyway.

All other UAE-underpinned features remain intact. Applications will run in a non-elevated state by default, file and registry shadowing / virtualisation will continue to work, and you still have Protected Mode available in IE (which I'm assuming is what you're referring to with your 'sandbox' comment).

Disabling UAC breaks all these things. But we're not doing that, we're just telling it not to ask so many questions. In so far as we can with Vista, we're telling it to behave more like Windows 7.

/me fails to see how the uac features stay intact if you've told it not to prompt for elevation. means all those drive by downloads that try to write to %SystemRoot% no longer trigger a warning and it's trivial to escape any user protection once you have elevated privileges. but then i'm not a windows daily user so can't comment on the announce of uac against it's protection offerings

Because a theoretical drive-by cannot write to %systemroot%, it'll get redirected to a virtual copy of it in the user's profile directory. This is still the behaviour if UAC is in quiet mode, but not if UAC is completely disabled.

In theory, at any rate. (-:

I have read and understand this thread and spoken to my dad who is more tech savvy than me but more scared of the internets.

I have an older desktop, not quite as old as Harry's but probably similar spec. I have also fitted what was an external hd, inside as the mounting failed. Can I copy everything important onto this hd then protect it in some way for the short term until I update to W7?