Radu Marin works and lives in the Rockville/Potomac area, holds a Master degree in Information Technology/Information Assurance (MSIT-IA) and is a Certified Information Systems Security Professional (CISSP). He is concerned with keeping families and individuals safe online and in their neighborhoods.
Today Microsoft releases the last set of security patches and software fixes for Windows XP. You probably heard about Windows XP End-of-Life, as it was fairly well-covered in the media. So why another article on RockvilleLiving.com?
Rockville is the home of many small and medium size businesses, and I find this category to be disproportionately disadvantaged when it comes to computer security practices and available expertise. Such businesses often don't have dedicated IT staff, let alone security professionals, and hiring expertise in this area is probably not the first priority when it comes to maintaining the bottom line. Home users are often in the dark too. So, the more people come across and read this information, the better. We want our local business and community to be thriving, not plagued with financial losses due to security breaches.
If your computer is more than 4-5 years old, it is most likely running Windows XP, and if you kept up to date patching it you've been warned enough times to upgrade to a newer version of Windows.
What not too many people realize is that many more computerized devices, like Point of Sale (POS) machines, ATMs, medical devices, etc. have as underlying operating systems (OS) Windows XP. That's because over the past 12 years it proved to be the most reliable and widely used OS Microsoft ever released, seconded only by Windows 7 more recently.
So when Microsoft stops supporting Windows XP, how is it going to affect you?
Well, the sky is not going to fall right away (after all, Microsoft releases patches "only" once a month) but the computer is slowly "rotting" inside. Vulnerabilities, flaws in the system that continue to be discovered (or uncovered), are not being patched anymore and are very likely to be exploited by hackers to get access to your computer and your personal data stored on or transacted through it.
I know, I've heard enough times the argument "but I have nothing of value on my PC, I'm not special, there's nothing to steal so I don't care”. For the sake of keeping this article short, in response to that claim I’m going to point you to a recent and to-the-point article on SANS' (www.securingthehuman.org), one of the most authoritative Cyber Security organizations: Yes, You Actually Are A Target
I also know many people follow the principle of "if it ain't broken, don't fix it", but despite a current relative stability of the system, the walls are falling around it. Besides the inevitable unpatched vulnerabilities, the applications running on your old Windows XP will need to be updated or upgraded at some point too. Their developers however will most likely stop creating updates for XP, concentrating on newer OS's. Some product manufacturers committed support until 2015 or even 2016 (Google Chrome, Mozilla, Microsoft Security Essentials, eg) but nothing guarantees that thousands of other business and home user applications will continue to release updates for much longer (yes, they need to be patched too). You also won’t be able to install new programs as these are being developed to run on the new OS's.
So what are your options?
Not many good/cheap ones, if you ask me. Your old computer hardware is very unlikely to handle Windows 7 and definitely not Windows 8.1 (skip 8 for your own good). Microsoft made available a compatibility check tool, Upgrade Assistant, which checks for hardware and applications compatibility with Windows 8.1. You could download it here
. However, I found this tool to be trying too hard to upgrade your computer to 8.1 and not necessarily Windows 7.
If you want to upgrade only to Windows 7, which makes sense for older hardware, you could try this approach:
- Start by creating a full system backup. Tip: you can use Carbonite.com’s free trial backup for that. You may actually come to like it and continue using it if you don’t already have a working, reliable backup solution.
- Buy an upgrade version of Windows 7 (runs somewhere around $70) and install it on your old PC.
- If there are no issues, download and install the applications you initially had installed and restore needed files from the backup. If you're lucky and everything goes smoothly you are good to go using Windows 7 but be aware: that old hardware may come crashing down soon and you still need a new computer. Keep good backups.
- If the upgrade doesn’t work, restore the system image you backed up on Carbonite.com and, for the moment, you’re back in business. Make plans to buy a new computer though, and transfer all your applications and data to it while the old one is safe and working.
There are several other alternatives to cope with Windows XP if you can't upgrade to Windows 7 or buy a new PC with Windows 8.1 for one reason or another. Rather than rewriting or even summarizing other articles I'll just point you to two of them, the most concise and relevant I found. In addition to the above-mentioned SANS PDF
, PCWorld/MSN.com offers How to keep your PC secure when Microsoft ends Windows XP support
and Tech Tips: Your risks and options with Windows XP
If you don’t feel comfortable taking on the upgrade task, please hire a professional. No matter how painful it might be financially, this is not a time to take shortcuts and it will set you on the right path for years to come.
Good luck and keep safe!