April 8, 2014

Some best practice rules for XP computers, after final Windows Updates.

April 8, 2014

As I write this it is April 8, 2014. Today marks the final Patch Tuesday Windows Updates for the XP operating system and also for MS Office 2003. Please run Windows Update from all XP computers, sometime around 2PM your time.

Once you have applied these updates and rebooted, you are totally on your own to protect XP computers from malware, viruses and information stealers. Most anti-virus programs will continue to run on XP and will receive updates for at least one more year. But, none that I have looked into have any real long term commitments planned, with the possible exception of customers who can pay for ongoing support.

If you must continue operating XP computers for some programs that will not run on Windows 7 or newer, follow best security practices, as outlined below.

  • Keep XP PCs off the Internet if at all possible.
  • Keep networked XP computers behind hardware firewalls, with public facing ports closed and remote services turned off.
  • Make sure that the XP Firewall stays active and enabled at all times. It may block a dangerous packet coming from other infected computers on the same network. This is how computer worms spread internally.
  • if possible, operate your XP with reduced user privileges (e.g. Limited User, or Power User if you know what you are doing). A less privileged user account is almost 92% less likely to become unknowingly infected than one with Administrator privileges.
  • Less privileged users can still be tricked by clever wording to run a malicious installer with Administrator credentials. So beware requests to run unexpected executables in what you thought was just a document, form, or invoice. E-mail attachment scams use this tactic to install Ransomeware and banking Trojans.
  • Delete temporary files often. I use CCleaner every night before shutting down my computers. You never know when your brower has silently downloaded a malware installer to a Temp directory, where it lies in wait.
  • If the PC must go online, install anti-malware protection, like MalwareBytes Anti-Malware.
  • Also install an anti-virus that supports XP and receives regular updates
  • Disable the View option that hides known file extensions! A lot of malicious executables are disguised as images, or PDFs (by substituting icons). Double clicking to open them actually launches the malware installers.
  • An unprotected offline XP computer can still become infected if you plug an external USB or networked drive into your computer and that drive contains a malicious Autorun installer.
Following these best practices, along with keeping your BS dectors on high alert, will let you continue to operate an XP computer for a little while longer, even though Microsoft will no longer support you (except for businesses paying for special ongoing service agreements).

If you are not tied to these old computers by programs that you really need, consider moving up to Windows 7 or newer. Data files can be copied over from your old hard drives, via thumb drives. There are even programs that will transfer settings for you.

Posted by Wiz at 12:52 PM |

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

Blog Links

Sponsored Message

I recommend Malwarebytes to protect your computers and Android devices from malicious code attacks. Malwarebytes detects and blocks spyware, viruses and ransomware, as well as rootkits. It removes malware from an already infected device. Get an 18 month subscription to Malwarebytes here.

If you're a fan of Robert Jordan's novels, you can buy boxed sets of The Wheel Of Time, here.

As an Amazon and Google Associate, I earn commissions from qualifying purchases.

CIDR to IPv4 Address Range Utility Tool | IPAddressGuide
CIDR to IPv4 Conversion



Search


About the author
Wiz FeinbergWiz's Blog is written by Bob "Wiz" Feinberg, an experienced freelance computer consultant, troubleshooter and webmaster. Wiz's specialty is in computer and website security. Wizcrafts Computer Services was established in 1996.

I produce this blog and website at my own expense. If you find this information valuable please consider making a donation via PayPal.

Follow @Wizcrafts on Twitter, where I post short updates on security issues, spam trends and things that just eat at my craw.

Follow Wizcrafts on Twitter

Malwarebytes' Anti-Malware is the most frequently recommended malware removal tool in malware removal forums, like Bleeping Computers. It is extremely effective for removing fake/rogue security alerts, Bots, Spyware and the most prevalent and current malware threats in the wild. Learn about Malwarebytes Anti-Malware.

MailWasher Pro is an effective spam filter that protects your desktop email client. Using a combination of blacklists and built-in and user configurable filters, MailWasher Pro recognizes and deletes spam before you download it. MailWasher Pro reveals the actual URL of any links in a message, which protects you from most Phishing scams. Try it free for 30 days.

Categories

Tag Cloud

Recent Posts

Popular Posts

Archives

Subscribe to this blog's feed
Creative Commons License This weblog is licensed under a Creative Commons License.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.
Powered by Movable Type

back to top ^