End of Windows XP - what now?

Blackwijet

Blackwijet

Suspended / Banned
Messages
540
Name
Sue
Edit My Images
Yes
I'm currently running windows XP and although I do intend to upgrade to a win 7 machine I haven't quite got round to it yet. Just had the notificaton that as of 8th April XP no longer supported etc etc.
Just wondering what the real implication of this is. I currently use Microsoft Essentials, Zone Alarm Firewall and Win Patrol. I don't do loads of surfing, main use is for administering my websites, a bit of facebooking and of course Talk Photography!
I don't usually do much in the way of purchasing online from this machine.

Could anyone advise how vulnerable my machine is going to be until I get round to upgrading?
 
I tried buying a copy of w7 a month or so ago and found it almost impossible to buy apart from second hand on ebay, so just went with 8.1 in the end, and not nearly as bad as I thought it would be.
 
I wouldn't worry too much, especially if that's all you use it for.
 
Thanks Neil, so I should upgrade sooner rather than later? My current PC came dual loaded with win7 but is about 5 yrs old so I was going to go for a new one... Faster processor etc as this one does struggle a bit with CS6 and large files but maybe for now I should switch current one over and then sit & wait for all the updates...could take a while though!
 
If you have the money and the machine spec to run an upgrade then it's always advised. The longer you run a non supported version of Xperia the greater the rusk due to security flaws being found. It's all about risk and how big a risk it is for you.
 
The thing is, XP is now not supported by MS (bar enterprises with custom support agreements). So any hacker saving up exploits has been waiting until the 8th to drop them, safe in the knowledge that they won't get fixed. So yes, you absolutely should upgrade.
7 is a very good OS but 8 is faster on the same hardware and adds a lot of other enhancements - regardless of the UI the underlying code is faster and more secure.
People bash it for the start screen simply because it's different, I've been using it since alpha and this really isn't an issue. Plus we announced at //build that a Start Menu for desktop users is coming back shortly...
 
Hmm i better start shopping!
My D700 and 105 macro lens will be up for sale shortly - money in money out!

Thanks for your responses, helped me make the decision!
 
Thanks for the advice, yes will use work PC for online purchases until I sort the upgrade out!
 
landwomble said:
Plus we announced at //build that a Start Menu for desktop users is coming back shortly...
Click to expand...
Took a year or so... but user pressure clearly works ;)
 
It depends how heavily you use your current machine Sue, but all you may need is a copy of Windows 7 and, depending on how much memory your machine has now, some new RAM. I'm using a PC that is a mile away from high spec and it runs Win 7 64 bit easily. However, I have to say I am not a heavy user and I tend not to have lots of things runing at the same time. A new OS is a lot cheaper then a new PC.

Dave
 
One of the possible problems with updating XP to Win 7 is that some of the drivers may be incompatible - there is a piece of software from Microsoft that will check your machine, then it's a case of seeing if there are driver updates available.
 
I recently upgraded my in-laws' PC from Windows XP to Windows 7.

This is a 2005-vintage Celeron with integrated graphics and 2 GB of RAM.

It runs better with Windows 7 than with Windows XP, and everything worked first time with one notable exception: the graphics driver from Intel. The installer for the driver wouldn't run on Windows 7 until I ran it in Compatibility Mode - but the driver itself is happy as a clam running on Windows 7.
 
Hmm maybe I should just reformat mine and load it with the win 7 it was dual loaded with, just worried about all the updates as it's about 5yrs out of date. If I do that will I be ok reinstalling CS6 or do I have to contact Adobe as it will be seen as installing same copy on new machine?

in fact even if I get a new machine what do I do about transferring CS6?

I have found the win7 drivers for my printer so hopefully that should be ok, think Noiseware pro and faststone should be ok.
 
On the updates: get the installation done, and let Windows Update take care of the rest. I generally go through one iteration manually (to ensure that I've got all the high-priority stuff) and then let it sort itself out after that. It'll take yonks, so set it running and go and have your dinner or something :)

If CS6 is anything like Lightroom, you can de-activate it from the Help menu.

Then, when you reinstall it and activate it, it won't whinge.
 
With regard to Windows 7, you can download the latest version (that you already have a product key for) here:
http://www.w7forums.com/threads/official-windows-7-sp1-iso-image-downloads.12325/
and load it onto a USB stick or DVD.
This will already have most of the updates. It's much faster installing from a USB stick but you can burn to a DVD if you prefer.

Edit: Thought I should mention these downloads are not illegal as long as you own a product key

If you don't have a product key I would suggest Ebay. I bought another licence just last week for £37 (Win7 Pro 64), then downloaded from the above links. (I have several copies on DVD but wanted it on USB for speed)

With regard to CS6 have a look here:
http://helpx.adobe.com/x-productkb/policy-pricing/activation-deactivation-products.html#how-to
Nice and easy process.
 
Last edited:
Ha ha must admit I would steer clear of eBay for software- it would be just my luck to find the dodgy ones!
 
I had a meeting with my accountant last week. He mentioned that they are finally having to move on from XP. They have used it for years because for what they do it works fine.

Now it's going end of life they can't take the risk of unpatched back doors into their clients' data - even though most of this is cloud based now (I guess if they stuck with XP and something bad happened I'd have grounds for a negligence case against them). Obviously they are just skipping the old 'puters and buying new ones. Accountants know how to do stuff like that without it costing anything.
 
I was much the same used CP at work & didn't want to get confused using different system at home ( easily confused!). Work moved to Win7 last year & id been meaning to do the same before Xp support stopped but got caught out!

Think I will get new system after all, my home PC gets heavy use so I don't want to risk it going tits up! If I get a new one I can get that set up & running to my liking whilst still using other one. I can then strip out all unnecessary programmes from old one and keep it as a stand alone back up/iTunes/webcam (troublesome neighbour!) box.

Thanks again to everyone for views and advice!
 
Have you considered using Virtual Machines?

I have 2 PCs all fitted with SSDs, one slow one to go online with and an i7 model for editing pics and rendering films etc.

Both use Virtual Machines (courtesy of VirtualBox)

The i7 runs Win 7 64bit to make use of the 16Gb memory but it also runs Win7 32bit AND XP PRO.

And can run them simultaneously.

This seems to be the ideal solution for both older and newer software .

And VirtualBox by Oracle is FREE!

.
 
Never heard of it! How's that work i.e. How is this set up?
 
If your PC can run Windows 7 in the way you want, ie the cpu fast enough and there is enough RAM, then forget about driver problems.

In my experience of about a couple of weeks ago there is no problem at all.

I did install W7 on to a new hard drive but only because I wanted more space. However, if you want to put it on to an existing drive, save all the things you want from the drive and just go through the installation process. During the installation you can format the drive and have a nice clean copy of Win 7.

When I insatalled my Win 7 everything went like a dream.

Dave
 
Blackwijet said:
Never heard of it! How's that work i.e. How is this set up?
Click to expand...

You need to download VirtualBox then run it.

You then create a new virtual PC on your computer by clicking on New and inserting your OS disc into your DVD drive in exactly the same way you would for your real PC.

It then runs and puts an OS onto the virtual PC which can be any real OS your PC is capable of running.

There's a bit of a learning curve but I now use them all the time.

And on my i7 PC I run up to 8 of them at one time to render my DVDs into X-Vids where each virtual PC is using a single core.
 
Last edited:
The realistic implication of this is "practically sod all". Your computer won't cease to function, have its drive wiped or start to nothing but a blinking DOS prompt. Yes, those are just some of the rumours going round that a few of our panicked customers have called in about. The 8th will roll around and absolutely nothing will happen, yes nothing, as Microsoft simply won't supply patches for a near 13 year old OS anymore.

Unless you work for the council, who, as we all know, lack any forward thinking ability...
 
trencheel303 said:
The 8th will roll around and absolutely nothing will happen, yes nothing, as Microsoft simply won't supply patches for a near 13 year old OS anymore.[/URL]
Click to expand...
I think that's a bit disingenuous, if you don't mind me saying so. Of course XP won't suddenly stop working. But Microsoft won't be patching the OS, so any new security vulnerabilities won't be fixed. If any powerful new exploits are deployed onto the wild, using XP on an Internet-connected machine *might* be dangerous.
 
Don't forget that AV product updates will cease at some point in the near future as well. Treat April 8th as a VERY real warning that it is time to upgrade if you haven't done so already. When software updates are no longer available for your PC you can't say you didn't see it coming or you weren't warned ;)
 
StewartR said:
I think that's a bit disingenuous, if you don't mind me saying so. Of course XP won't suddenly stop working. But Microsoft won't be patching the OS, so any new security vulnerabilities won't be fixed. If any powerful new exploits are deployed onto the wild, using XP on an Internet-connected machine *might* be dangerous.
Click to expand...

You can call it disingenuous but the fact is in the real world End User problems are not caused by the fact that their PC wasn't up to date, but rather because they downloaded supercraptoolbaradwarejunk.exe. As we all know by now, Microsoft supplying 3 billion patches every Tuesday hasn't put a stop to, or even reduced the effect that even mild malware has on Windows, which manages to sail in like any of Windows' security features aren't even there, purely because users can't resist to clicking "yes".

I remember when Vista came out, there was all this hullabaloo about how you'd not need antivirus anymore and that all the 3rd party antivirus companies were going to die a death. Vista was apparently so secure with its UAC and associated virtualisation of registry writes and system file edits, which were all redirected to a virtual directory under your own folder. Well crap, that didn't stop malware.

Then came Windows 7, and it was apparently the real deal this time. Seriously guys, no more need for antivirus and malware is a thing of the past, it even has Windows defender. Did that stop it? No it didn't, malware still as present as ever. Windows 8 is somewhat better at stopping malware, but it won't be long till that too is like a sieve and lets it all in.

By far a more effective way to secure a machine than to rely on Microsoft to release bloated patches, is to do things like shutting off unneeded services, killing the DCOM ports TCP 135-139, making sure your firewall is STEALTHED and drops (I said drops, not blocks) any unsolicited ping request, passwords on all user accounts including guest, etc etc etc... Principle of least privilege, it's the very basic foundation of having a secure setup.

You sit patching a machine all day and no matter how you put it, you're ALWAYS behind. You close off routes in the first place that are unneeded and are known avenues of attack, and vet ANYTHING else that does get in, and you have a much better chance of getting away clean. I've been antivirus free for years upon years, but I'll bet my configuration is still more secure than the average Joe. Malware can't get in if there's no door... it's that simple.
 
Last edited:
Which is not unique to Windows... The fact that Windows was most highly affected was due to sheer market volume, and the rule as you stated above will be true of all OS's, desktop or otherwise. Best option is to educate the users and fully protect the entrance points, the problem is that this can introduce reduced functionality as a side-effect. You can lock USB ports, and although it may be more secure, you're probably not going to do it as it would cause you endless pain lol
 
petersmart said:
You need to download VirtualBox then run it.

You then create a new virtual PC on your computer by clicking on New and inserting your OS disc into your DVD drive in exactly the same way you would for your real PC.

It then runs and puts an OS onto the virtual PC which can be any real OS your PC is capable of running.

There's a bit of a learning curve but I now use them all the time.

And on my i7 PC I run up to 8 of them at one time to render my DVDs into X-Vids where each virtual PC is using a single core.
Click to expand...

Of course you need to make sure that you only run the OS' you have the licenses for - you could not, for instance, run 4 copies of Win XP on only one license - it would still be declared invalid by Microsoft.
 
trencheel303 said:
By far a more effective way to secure a machine than to rely on Microsoft to release bloated patches, is to do things like shutting off unneeded services, killing the DCOM ports TCP 135-139, making sure your firewall is STEALTHED and drops (I said drops, not blocks) any unsolicited ping request, passwords on all user accounts including guest, etc etc etc... Principle of least privilege, it's the very basic foundation of having a secure setup.
Click to expand...

Also remember that a router can also provide a very effective firewall as long as it STEALTHS (as trencheel said).

You can check how secure your router (and other items are) on this website:

www.grc.com

Just got to ShieldsUp on the Services menu and pick "All Ports" to check your firewall and router.

And the "Security Now" podcasts are also well worth listening to (just download the smallish MP3 files and listen.

.
 
Last edited:
petersmart said:
And on my i7 PC I run up to 8 of them at one time to render my DVDs into X-Vids where each virtual PC is using a single core.
Click to expand...
Sledgehammer... meet Mr. Nut....
 
arad85 said:
Sledgehammer... meet Mr. Nut....
Click to expand...

Not at all since each one is rendering a different film or episode of a boxset.

In that way I can render 8 different films all at once.

I have found that in that way they do not interfere with one another and it makes it a lot easier - or at least it does for me.

And I have to thank you and neil for introducing me to VMs in the first place.

;):)
 
Last edited:
Neilc28 said:
Which is not unique to Windows... The fact that Windows was most highly affected was due to sheer market volume, and the rule as you stated above will be true of all OS's, desktop or otherwise. Best option is to educate the users and fully protect the entrance points, the problem is that this can introduce reduced functionality as a side-effect. You can lock USB ports, and although it may be more secure, you're probably not going to do it as it would cause you endless pain lol
Click to expand...

If I had my own way I would run a very tight ship. The perfect office network IMO is one where users can't willy nilly install things, plug their USB drives in, view scabby websites... of course when you are a 3rd party that manages someone else's IT you hardly have any say in what they do, which is both frustrating and difficult. I facepalm almost daily at some of the setups I run into or hear about, and I can say confidently that a lack of MS patches are the least of the problems... still, it keeps a wage packet coming my way.

PS - with many users there is no educating. Just as the average motorist isn't interested in why their car "goes", most desk jockies aren't interested in the various reasons why what they just did caused their computer to go kaput. There are a select few that will listen and learn; with the rest it's just in one or ear and out the other.
 
Last edited:
Right. This thread is getting silly. You don't have to update, no-one's gonna make you, but TBH you've had 13 years notice that XP was going EOL.
If you choose to stay on it, fair enough. Do it with eyes open and consider that every scrote with a 0 day exploit for XP has been saving this up until the day it goes EOL to release it, safe in the knowledge that MS isn't going to release any more security patches unless you're on the receiving end of a very, very expensive custom support agreement which you do not have.

If you want to run XP as a VM, fine: go ahead. Win7 has XP mode which is based on VirtualPC, and Windows 8 Pro has Client Hyper-V. The former does not offer enterprise grade separation of VM and host, the latter does. But in both cases the XP client is going to be vulnerable - in the latter it's sandboxed from the host but it's still able to hit other stuff on your network should it be compromised. Can't talk for Virtualbox as I don't work for Oracle although their offices aren't far away!

Sure, a lot of compromises are user-activity based - clicking on downloads that they shouldn't etc. But a lot are also down to product vulnerabilities or based on browser drive-bys. You can choose to ignore the latter if you wish but be aware you are taking a risk. In the grand scheme of things, upgrading a 13 year old OS for safety doesn't seem like a bad idea. Especially as typically 7 and 8 will run faster on the same hardware.

You maintain your camera gear, do the same with your PC.
 
landwomble said:
Sure, a lot of compromises are user-activity based - clicking on downloads that they shouldn't etc. But a lot are also down to product vulnerabilities or based on browser drive-bys. You can choose to ignore the latter if you wish but be aware you are taking a risk. In the grand scheme of things, upgrading a 13 year old OS for safety doesn't seem like a bad idea. Especially as typically 7 and 8 will run faster on the same hardware.
Click to expand...

None of the browser drive-bys have been fixed by MS patches as far as I know. In fact, they're worse now - many can only be stopped by killing the browser process itself through task manager. Why? Because clicking the YES or NO button, or the red X on the dialogue box of that fake "adobe flash player" download, ALL count as positive confirmation to start downloading the malware. That's right, attempting to close the box is often too little too late, and you can ONLY kill it by exiting the browser process. Most people don't know this, but a lot fall foul of it as their antivirus rarely bothers to do anything about it.

A far better way of mitigating browser drive-bys rather than waiting for MS to release patches is to tighten up the browser security and use a HOSTS file. With a bit of savvy on your IE settings you can visit the most extreme buggy malware websites and the browser won't even blink. No MS patches necessary, most of the settings needed to do this are available on IE 4.0 or higher if I recall correctly, making it do-able on Windows 95, bit older than XP!

I didn't want to say this earlier but I felt it's justified now - you speak to any hacker worth their salt and they'll tell you essentially the same as what I'm saying here - if your sh#t isn't secure/securable by design, ain't no amount of patches that are gonna fix it.
 
Last edited:
Except all the browser patches that have been released? I'm not going to go overboard but here's an example:
http://technet.microsoft.com/en-gb/security/bulletin/ms14-010
"This security update resolves one publicly disclosed vulnerability and twenty-three privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."
This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 on affected Windows clients, Important for Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 on affected Windows servers, and Moderate for Internet Explorer 6 and Internet Explorer 7 on supported editions of Windows Server 2003"

- they're frequent, as are upgrades of the browser. That's one of several reasons we're now on IE11 rather than IE6.

yes, you can beef up your hosts file, you can use the supplied IE security zones to improve things - but people generally don't. You *have* to mitigate zero day browser exploits as well as teach good user behaviour.
You've had 13 years notice that it's going EOL: would you ignore an oil warning light in your car for that long? Or not maintain your camera gear for that long? Hope not, and if you did and you end up in trouble you've no-one else to blame but yourself.

The best way of maintaining security is to be careful what you do, take reasonable precautions, stay patched and stay on a supported OS so when something nasty happens, the vendor will fix it.

Disclaimer: I work for MSFT, views not those of my employer etc etc.
 
You must log in or register to reply here.
Back
Top