Survive the XPocalypse: 10 Tips to Keep Running It Safely

On Tuesday (April 8), Windows XP receives its final updates and security patches, and Microsoft officially ends support for the operating system. Future software flaws and security vulnerabilities won't be fixed, and some experts predict an "XPocalypse" of malware attacks on the 13-year-old OS.

Yet between 20 percent and 30 percent of Windows users worldwide were still using XP as of the beginning of April, and many of those users have no plans to switch to another operating system. If you're among the XP holdouts, here's what you can do to keep your XP system as safe as possible in the face of the XPocalypse.

MORE: How to Migrate from Windows XP

1. Fully update your system. Make sure all Windows XP system updates and patches are installed. You want to have Service Pack 3 (SP3) — or, on Windows XP Professional 64-bit, Service Pack 2. (To see what you're currently running, press the Windows key and the Pause/Break key on your keyboard simultaneously; laptop users may have to press the Fn key as well.)

Go to your Start menu, select All Programs, then Windows Update. Select Check for Updates and install everything that Microsoft flags as "Important." Under Change Settings, set Windows Update to Install Updates Automatically.

2. Ditch Internet Explorer. Like Windows XP, Internet Explorer 6 reaches the end of its working life April 8. But if you're running IE 7 or 8 on XP, those editions of Explorer won't get further updates, either. Even worse, IE has deep hooks into the Windows operating system, and malware attacks on it will go far.

To protect yourself, switch to a non-Microsoft browser, such as Google Chrome, Mozilla Firefox (with the NoScript plugin installed) or Opera, all of which will continue to receive updates and security patches for at least another year. We especially recommend the Aviator browser, which builds in several security features, such as requiring the user's permission before media files can play.

MORE: Aviator Brings Secure Private Browsing to Windows

3. Use Webmail instead of Outlook Express. After April 8, it will be safer to open emails in a non-IE Web browser than to open them in Outlook Express. Sign up for a free Gmail or Yahoo Mail account, and make it your primary email address.

4. Ditch Microsoft Office. Microsoft is also ending support for the 11-year-old Office 2003 (its predecessor, Office XP, died in 2004). But don't try upgrading to or using Office 2007; it might not get any more updates on Windows XP systems.

Instead, switch to an alternative office suite, such as LibreOffice or OpenOffice; both are free and will handle your Office documents, spreadsheets and presentations just fine. Or just go right to the cloud with Google Docs.

5. Install antivirus software, and pay for it. Every Windows PC should be running antivirus software. In our experience, the paid software offers protection, such as screening Web links and automatically scanning email attachments, that free software can't match.

If you're worried about the $50-to-$80 yearly subscription cost of antivirus software, remember that you're already saving money by not upgrading to a better computer or operating system. Most antivirus software makers will be supporting Windows XP until at least April 2016.

MORE: Best PC Antivirus Software 2014

6. Create and use limited accounts. Windows has two types of user accounts: administrators, who can install, update and remove software; and limited users, who can't modify software (except for user-specific applications such as Google Chrome). Most pieces of malware "borrow" the user privileges of the account they infect; a Trojan that infects a limited-user account will do much less damage than one that infects an administrator account.

To minimize the effects of malware infection, create a limited-user account for each user of your Windows XP machine, including yourself, and use those accounts for all purposes — Web, office work, Photoshop — except modifying software. Use the administrator account only when adding, removing or updating applications and other pieces of software, and log out of this account when you're done with those tasks.

7. Turn on your system's firewall. Go into Control Panel, select Windows Firewall, select "Turn Windows Firewall on or off," then select "Turn on Windows Firewall" for all options.

If you're a bit technical, Microsoft recommends a few more fine-tunings that can harden your system. All require administrator privileges.

8. Turn off automatic opening of files on a USB stick. A USB stick is a great way to spread malware, especially in Windows XP, which opens files on a USB stick as soon as it's plugged in.

Stop this by using the Group Policy editor. From the Start menu, select Run, type in "gpedit.msc," and hit OK or the return key.

You'll see a pop-up window with two panes: in the left-hand pane, select Administrative Templates under Computer Configuration (NOT User Configuration). Then, in the right-hand pane, double-click System.

Scroll down to Turn Off Autoplay and double-click it. Another pop-up window will appear; under Turn Off Autoplay, select the Enabled radio button, select All Drives in the "Turn off Autoplay on" menu and close the window.

MORE: Is It Still Safe for Businesses to Use Windows XP?

9. Maximize Data Execution Prevention (DEP). DEP protects against malware attacks on running memory. It's activated by default in Windows XP Service Packs 2 and 3, but can be turned up.

From Control Panel, select System, then the Advanced tab. In the Performance section of the resulting pop-up window, click the Settings button. In the next pop-up, select the Data Execution Prevention tab. Select "Turn on DEP for all programs and services except for those I select." Hit Apply, then OK and then restart the computer.

If you find that DEP interferes too much with certain applications, go back to the Data Execution Prevention tab and select Add to make exceptions for those programs (you'll have to browse through the file system to select them).

10. Install the Microsoft Enhanced Mitigation Experience Toolkit (EMET). EMET hardens installed applications one by one. It's complicated to configure, but Microsoft includes a user's guide with the EMET software. Both tools are available from Microsoft's Download Center.

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.

  • alextheblue
    There are several competent free antivirus and firewalls out there. If you want to buy one to get the more advanced features, there are reasonably priced alternatives. For example, ZoneAlarm Pro AV + Firewall for $35, or Avast! Internet Security for $40. Both are pretty well equipped at those price points.

    Also, if you're taking all these other precautions, why ditch Office - especially for strictly offline use? I think that suggestion is a little silly. Although to be fair, I think not upgrading to at least Win7 is a bad idea in general. More and more software is going to drop support for XP as time wears on.
    MS's extortion gambit has worked, the UK government has paid them bug bucks for 1 more year of XP updates.
  • icraft
    I agree with alex the blue. Both malwarebytes and AVG do admirably.
  • 11796pcs
    MS's extortion gambit has worked, the UK government has paid them bug bucks for 1 more year of XP updates.
    I'm definitely not a fan of Microsoft but I have to commend them for supporting XP for this long. 13 years is a long time for a company to support any product, much less a tech product. What other companies offer you a 13 year warranty? Your response is going to be: I should get updates because Microsoft is making them anyway for other companies. Sorry, you're not entitled to anything at this point. Also, you call this "MS's extortion gambit". When will MS cease to run an "extortion gambit"? Do you expect them to keep supporting XP into the 2020s? 2030s? I challenge you to think of more than one or two companies that support their software for more than 13 years.
  • dimar
    What if you use IE8 with Chrome Frame? Is that safe?
  • NeatOman
    With all that work and ditching Office, wouldn't it be much better just to go to Ubuntu? or pay for Windows 8 which comes with windows antivirus built in instead of paying $40 a year which adds up to the cost of a license anyway.

    If you have a desktop I would say if your computer is a single core with 1gb of ram... its time to upgrade to something new, you can pick up a Off Lease business class PC for around $180 with a fast dual core and 2gb ram with windows 7... sometimes cheaper. And even thought they are used and with only a 90 day warranty they house much better components then a $400 Desktop.
  • indian-art
    Are all these 'doomsday' articles on XP bordering on FUD? Have no fear Linux is here.

    Why waste that old Hardware, its bad for Planet Earth.
    Get the most worth out of your PC as long as it works well.

    How to Break free from the cycle of Planned Obsolesce?!!??
    Stay safe with Linux.
    There is a very good chance Linux OS will run well with older hardware with lower specs
    Switch to the free, safe, secure & awesome OS:
    Its the worlds most popular free OS. It has free upgrades & security updates. It has a free office suite, LibreOffice that comes standard along with other great apps/programs.
    For those who like the Windows look, I would recommend: & for older computer with lower specs or
    Or try Linux Mint:
    Because the Linux option is free & now so easy (user friendly) one must give it a try. You have so much to gain.
    Lots of people give their time, effort & money to make these great products that they just give the world for free. So they may not have the huge ad budgets & would need users like us to spread the word. Although its free, you are welcome to donate if you like the software.

    For those worried about Office 2003 support ending try LibreOffice or OpenOffice.
    Time to check out the free, safe, secure & feature-packed LibreOffice. Its truly multi-platform & takes just a few minutes & clicks to install.

    Try it now you have so much to gain:

    Thunderbird is excellent as well.
  • rwinches
    You can be sure the total number of XP users is double the 20-30% with all the pirated copies included. Even if web browsers eventually are no longer compatible with sites there are plenty of off line usefulness like Office suite and Publisher. Maybe it will come down to not being able to print, but Asia is very resourceful and if a product is in demand it will be made.

    Really maybe if Linux grows up and loses the erector set style it brought over from UNIX and decides to become standards based like Windows where a certification means the App will install and run without intervention/tweaking required and with actual Help files that go beyond function description, then yes maybe a significant shift will occur.
  • Chris Droste
    ...or just get a Chromebook/box. under $200 to start with double the specs; sometimes even triple depending how dug in you are, nice long battery life and natural resistance to malware :P
  • alextheblue
    What if you use IE8 with Chrome Frame? Is that safe?
    Google killed off Chrome Frame support.
    ...or just get a Chromebook/box. under $200 to start with double the specs; sometimes even triple depending how dug in you are, nice long battery life and natural resistance to malware :P
    Heck I'd rather just use a good Linux distro at that point, dodge the Googleware and be less web-dependent. Although, reading posts from users like indian-art drives me away from that option. Ack! I mean really... use LibreOffice but it falls directly under the category of "Well, at least it's free". When I look at how many years of heavy use I get out of an OS license, Windows isn't really that expensive. I spend more on RAM than I do on Windows, and that doesn't even count the occasional middle-of-lifecycle upgrade.