Four Ways to Make Windows XP Systems More Secure

toggle-button

Windows XP logoMicrosoft may have stopped providing security updates for Windows XP but a large number of PC users are sticking with the venerable old workhorse. Because safety is very dependent on individual habits and skills, I won’t comment on the controversial issue of whether continuing to use XP is safe. However, a lot of Gizmo’s readers are still using Windows XP so I thought it worth passing along some tips on how to make XP systems more secure. If you are determined to continue using XP, here are four ways to help keep your system safer.

1. Free Antivirus programs

Although Microsoft isn’t updating Windows XP (unless you pay them a lot of money), many security software vendors are continuing to support Windows XP with updated antivirus programs. The security firm AV.Test did a recent test of how effectively various programs protected XP. The results are summarized in a PCMag article called XP Users Can Still Get Effective Antivirus Protection

Several free programs did quite well, including three from Gizmo’s Best Free Antivirus Software. These were:

How long these vendors will continue to support free versions of their software for Windows XP is unknown but, for now, XP systems continue to have good free antivirus programs available.

2. Microsoft Enhanced Mitigation Experience Toolkit (EMET)

Extensive protection against malware exploits is provided by the free Microsoft tool EMET. It has the virtue that it requires no continual updating of virus signatures and can guard against zero-day attacks on previously unknown security holes. Download is here. A detailed description of how to use it is given in the tutorial by fellow editor Dedoimedo called Microsoft EMET v4 review & extensive tutorial. The tutorial is for EMET 4.0 but is applicable to the current version 4.1. EMET is a powerful program and some software may have conflicts. However, the tutorial explains how to make exceptions for programs that are blocked by EMET. Note that EMET requires that you install .NET Framework 4.0.

3. Sandboxing

Many of Gizmo’s members swear by the free sandboxing program Sandboxie. There are those who even say that no other antimalware protection is needed. Not everyone would go that far but there is no question that Sandboxie provides a high level of protection. Personally, I think everyone who uses Windows XP should give installing it very serious consideration. How to set up and use Sandboxie is described in the excellent article on our site by fellow editor Anupam called An Introduction and a Quick Guide to Sandboxie

This is another line of defense that does not involve continual updating of malware signatures or security updates for the operating system.

4. Back up the system regularly

Finally, I have to mention the security measure that everyone knows but often neglects – making regular backups. If you make a disk or USB key with a copy of your entire system and also back up your personal files frequently, you can always resort to a low-level  reformat and restoring the system and files in the event of a malware infection. Just make sure the backup medium you use is only connected to your system when backing up. Malware can attack anything that is attached,   

Get your own favorite tip published! Know a neat tech tip or trick? Then why not have it published here and receive full credit? Click here to tell us your tip.


This tips section is maintained by Vic Laurie. Vic runs several websites with Windows how-to's, guides, and tutorials, including a site for learning about Windows and the Internet and another with Windows 7 tips.

Click here for more items like this. Better still, get Tech Tips delivered via your RSS feeder or alternatively, have the RSS feed sent as email direct to your in-box.

Please rate this article: 

Your rating: None
4.5
Average: 4.5 (16 votes)
toggle-button

Comments

I haven't had any problems with XP exploits forever, since I set my system up with a blank, write protected C drive - my system/boot drive is F. Presumably exploiters are lazy/focused on the mindless majority and don't bother using environment variables - just like any number of goofheads at supposedly more careful developers, such as Google, Microsoft and Adobe to name a few that make hardcoded assumptions about file locations. Oh, and I don't bother with MS security, just the freeware stuff, since it is quicker to confirm my "belts and braces" paranoia is misplaced.

It turns out that Microsoft are continuing to support a version of XP used in Enterprise (commercially), and there is a procedure by which consumer users of XP can continue to receive most, if not all, updates for nearly five more years: "How to get security updates for Windows XP until April 2019" - http://www.ghacks.net/2014/05/24/get-security-updates-windows-xp-april-2... (there is always the chance that MS may shut this option down, but to date they have not).

In addition, with respect to EMET, in a few cases I have encountered (usually, but not exclusively, with XP), the default (recommended) settings prevent Internet Explorer from loading properly (which, even if one does not use IE as their default browser, is still required to run Windows Updates manually). Should this be experienced, the solution is to open EMET (Start --> All Programs --> Enhanced Mitigation Experience Toolkit --> EMET GUI), click on Apps in the Configuration box at the top, then deselect (un-check) the box under SimExecFlow for iexplore.exe, click OK, then close EMET. If IE still does not load, restart Windows.

5. Unplug from the internet. Use XP for the rest of your or your PC's lives, whichever comes first. Good alternative for stand-alone machines; let's face it, you're not getting any more updates.

6. Run XP in a virtual machine with a safe OS such as Linux as host. Bonus: start using more and more cross-platform apps, and soon you will not need XP. If you install Zorin, Mint, LinuxLite, or ElementaryOS, you will soon wonder why you loved XP so much.

7. Use another PC to log into the XP machine over a secure net, using a remote desktop app like Remmina or Teamviewer.

Elementary OS is now at the top of my recommended list, above Zorin, for Windows migrants. Needs a little bit of tweaking but as simple as following this guide: http://www.elementarynow.com/what-is-elementary-3/customize/ Also, disable Plank and replace with AWN to gain applets and 3D dancing icons if this is what does it for you. :) http://www.neowin.net/forum/topic/1180735-guide-to-make-elementary-os-lo... MC - Site Manager.

I think an overlooked suggestion would be to not to log in to XP as an Administrator.

Create and use a 'User' account, and only use Administrator when required to install a program or run certain programs.

A really useful alert.
I need to keep XP for some now unsupported music SW (life of gear is much longer than SW ...) and this is definitely good stuff.

Thank you!

Ok, so i have never heard of EMET until this article, my question is are there any downsides to using it? For instance, does it slow down programs? Hog memory? I would think with a tool like this any application that you assign to EMET would have these extra security checks running in the background and hence would take a performance hit. Ideas/thoughts/suggestions?

In the short format used for Tech Tips, it isn't possible to go into all the details. That is why the link to the tutorial is given. If you read that, you can get the kind of information you are asking about. Here again is the tutorial http://www.dedoimedo.com/computers/windows-emet-v4.html. Added: There is also a forum at http://social.technet.microsoft.com/Forums/security/en-US/home?forum=emet