Still Running Windows XP? Here's What to Do When Support Ends

After April 8, most users of the Windows XP operating system will no longer receive security patches, application updates or any kind of support from Microsoft.

Windows XP machines will be more vulnerable to malware than ever before, and users' personal and financial information will be at greater risk of compromise by identity thieves.

So what should Windows XP users do? Do the dangers of running XP after April 8 warrant upgrading an old PC to a newer version of Windows? Or would it make more sense to simply buy a new computer?

MORE: How to Migrate from Windows XP Before Microsoft Pulls the Plug

"The main thing consumers have to worry about is that every month, there are [new] vulnerabilities found in Windows," said Wes Miller, research vice president at Directions on Microsoft, an information-technology consulting firm in Kirkland, Wash. "New exploits generally are made to take advantage of those vulnerabilities. 

"Nobody really expects that to stop," Miller continued. "In fact, in some ways, it could likely increase after April. There is really limited protection that people can put into place to protect themselves, because Microsoft won't be patching the [default] browser, Internet Explorer 6, or the OS."

Microsoft will be publicizing security holes that get fixed in Windows Vista, 7 and 8. Unfortunately, many of those holes will exist in XP too, with the result that malicious hackers will have a Microsoft-drawn treasure map to XP exploitation.

Roger Kay, principal analyst at Endpoint Technologies Associates, a technology-marketing consultancy in Massachusetts, thinks many consumers won't need to worry about the end of support for Windows XP.

Most consumers usually buy a new operating system when they buy a new PC, he noted — and the last time new PCs running Windows XP were for sale in retail outlets was at least four or five years ago.

Still, something between 20 and 30 percent of PCs worldwide were running Windows XP in December 2013. Many, perhaps most, of those machines won't be discarded or upgraded by April.

Sticking with XP? Here's what to do

People who absolutely must use Windows XP for some reason, such as to run specialized software not available for later versions of Windows, or perhaps because they can't afford a new PC, should take several precautionary steps.

— Ditch Internet Explorer. XP users should switch from Internet Explorer to third-party browsers such as Google Chrome or Mozilla Firefox, Miller said. Both browsers will support XP, and continue to receive patches, beyond April.

"Because IE [Internet Explorer] is part of the OS, the day support stops for Windows XP is the day it stops for IE," he said. "That's your connection to the Internet, and it's your first vector of infection."

— Ditch Outlook Express. "Same thing with an email client," Miller said. "I would also avoid using [the business application] Outlook 2003, which will pass away on the same day."

Outlook Express fans might want to consider the Mozilla Thunderbird email client or shifting all email to a Web-based service, such as Gmail or Microsoft's own

— Install anti-virus software. If an XP user doesn't already have a robust anti-virus software product, he or she should install one right away. Free anti-virus software is fine, but paid is better. Most anti-virus software makers will support XP until 2016.

MORE: Best PC Anti-Virus Software 2014

— Segregate user accounts. Any home user with an XP machine should restructure user accounts so that only a seldom-used administrator account can install or modify software. Everything else, especially Web and email use, should be done using limited accounts without administrator rights. Limited accounts limit the damage malware can do.

"If you have a five-year-old PC and you don't want to buy a new one, and you have XP, what should you do?" Kay asked. "There aren't a lot of great answers."

"You could continue to use it [the old PC], and the chances are relatively low that something bad will happen," Kay said. "But you have to apply the normal hygiene that you would expect to apply anyway, like being careful about what sites you go to, and what links you click on, and what email attachments you open, and so on."

You could also back up all your files, then erase the hard disk and replace XP with a free operating system such as Ubuntu Linux. Linux applications can open most old Windows files, but you won't be running Windows at all.

Upgrade the OS or the machine?

If you've decided on upgrading away from Windows XP, should you buy a new PC, or upgrade the operating system on an old one?

Kay said it would make more sense to just buy a new PC.

"Older PCs were built for the operating system of the time," he said. "They're generally underpowered, because there's this general bloat that happens with software."

"With software development, companies never really pare things back," Kay added. "They almost always add features and build them up and make them fancier, because they're anticipating the software will be run on better hardware.

"If you're looking at a five-year-old PC and you try to put Windows 7 on it," Kay said, "it's probably not going to work very well."

The good news for consumers is that most of them probably only have one or two PCs still running XP, said Miller.

However, Miller thinks people who purchased PCs running Windows XP around the time the Vista operating system shipped in 2007 could probably upgrade those machines to Windows 7 or even Windows 8.

"Even though they shipped with XP, they actually met the low bar for Vista, which was really good for Windows 7 and, honestly, is pretty acceptable for Windows 8," Miller said.

"For people who are not computer savvy," he added, "I would recommend finding someone they trust to take a look at their PC and give them a good opinion about whether it's time to consider getting a new device to replace that PC, or whether it could handle going to Windows 7 or Windows 8.1."

Linda Rosencrance is a freelance writer with more than a dozen years' experience covering IT. Her work has appeared on many sites, including Computerworld, TechNewsDaily, Tom's Guide, and more. She has also worked as an investigative journalist, and has written and published five true-crime books. She lives and works in Boston.

  • LePhuronn
    Still sounds like scaremongering to me.Install some anti-virus, don't open e-mail attachments or click links in email, don't click any links in a web page that say "your computer is at risk" or "download" and you'll be fine - it's common sense, and nothing a few minutes of genuine education can't fix.If all of these articles and "experts" are to be believed, my Windows 2000 Server and Windows 98 SE boxes should be beckoning the apocalypse with their crazy, malware-riddled existence.Hell, I still USE my Windows 2000 Server.
  • technogiant
    Sandboxie and free avg have kept my 10year old pc running xp fairly bullet proof so far....will be upgrading to new hardware soon so will probably go win7...but will keep the sandoxie/avg team onboard.
  • Arktonoid
    Your best bet would be to install Ubuntu operating system. It runs a lot faster on machines currently running XP and it's a Linux based operating system and still has the GUI look and feel of XP.
  • LePhuronn
    Your best bet would be to install Ubuntu operating system. It runs a lot faster on machines currently running XP and it's a Linux based operating system and still has the GUI look and feel of XP.
    Yeah, because people still on XP are really techno-savvy enough to install and operate Linux, regardless of how much Ubuntu may look and feel like Windows. Or, it's a business stuck in their ways and never upgraded because of logistics and proprietary software.
  • TrowaBarton
    "If you're looking at a five-year-old PC and you try to put Windows 7 on it," Kay said, "it's probably not going to work very well."Uhm... Windows 7 came out 5 years ago....
  • DanTMann
    I got my wife and I MacBooks for Christmas. I'm now wondering why I didn't ditch windows years ago.
  • Ukmoe
    For those that are fine with using XP rather than upgrading,what about keeping XP as a main system, but with no internet access?Then run Win 7 as a virtual system, and access internet, email etc on that, with tight security on any file shares etc between the two systems?Sure, it's better doing it the other way (with Win 7 as host)...but any audio editing stuff running in a virtual mode will have latency issues.Note...this is just a suggestion for those who can't bear all the 'kiddie' interface/add-ons of Vista/Win 7/Win 8/Mac.......Many will find that laughable...but so what?We all know when something is not suitable for us so why not try and create something that is better?Linux may be a good alternative...but messing about with Wine to run legacy Windows software just looks too hit and miss.
  • robtash