In case you didn’t already know, Microsoft are stopping all support for Windows XP and Office 2003 on Tuesday. That means no more patching even if security risks become known to them.
This of course means that attackers who know that not everyone will be disconnecting their Windows XP machines or Office 2003 suites from the internet on April 8th will be rubbing their hands in glee.
If you have an old machine running Windows XP/Office 2003 that you love and you can’t upgrade or you don’t want to upgrade then you don’t have to consign it to the scrap heap.
End of life (online at least)
Both products have had a long extended life as they were both very popular and their replacements Windows Vista and Office 2007 were a big jump in usability and therefore not so widely taken up. Normally Microsoft will support a product for 5 years before going into a period of extended support for another 5 years. This allows mainstream support whilst two new iterations of a product are released before the product is discontinued. Mainstream support includes enhancements and fixes to product features as well as service packs. Extended support is security patching only unless you are a business that pays for premium support. With Windows XP being first released in 2001 and Office 2003 in 2003, these periods have come and gone. However, Microsoft have been continuing to provide security patches with extended support and will do so right up to 8th April 2014.
With no security patching the attackers will be looking for ways they can exploit this. They have probably spent the last year or more devising ways to attack Windows XP in particular that they haven’t executed yet. It is only a matter of time before both Windows XP and Office 2003 become a hacker’s playground. Don’t think that your anti-malware will protect you as it cannot patch security flaws in an operating system.
Old machines may still fulfil a purpose
I have a few Windows XP machines left that are perfectly good and run the Windows XP/Office 2003 combination very well but more importantly support a lot of applications that I have written in the past and old programming tools such as Visual Studio 6 (which went end of life many years ago having been released in 1998). I’m not going to just throw these machines away or upgrade them and prevent my old apps and tools from working, what I’m going to do it disconnect them from the internet and my home network.
I also have a few even older laptops running earlier versions of the Windows/Office combinations going back to Windows 98 and Office 97 (I didn’t keep and earlier than that but have recovery disks for Windows 95 and NT4) and discs for much earlier versions of that (MSDOS6, Windows 3.1, Office 4.3 and everything since those). None of these go on the internet and really only come out if I need to see how I did something back then. My memory of everything I’ve ever coded is not as good as it used to be.
I know that you can get a Windows XP virtual machine but I’ve found that because the underlying operating system that is running the virtual machine is different, not everything works as it should. So, like before I’m keeping my old machines.
I have Windows 7 and Windows 8.1 laptops and PC’s that I use for the internet with Office 2010 and Office 2013 on respectively so I don’t need to keep these old machines online particularly after the patching stops. It also means I can remove the Internet Security suite which will save me money. If you use MS Security Essentials that will no longer support Windows XP and I expect all vendors will adopt the same approach.
To upgrade or not to upgrade?
The advice from Microsoft is to upgrade from Windows XP and Office 2003 but you can only do this if your machine meets the minimum requirements, all the stuff on your old machine will work on the new (such as games that you love) and you can afford it.
So if you can’t or don’t want to upgrade then what should you do. You can still use the old machine but make sure you remove any wired or wireless connectively to you home network or the internet. Of course this means you won’t be able to get online with that machine so to do so you will need to have another machine capable of this.
One final tip; make sure you install and activate any games and software that you are going to need before you disconnect from the internet that final time. If you can’t do this and need to reconnect in the future, it will be much safer to use a portable internet mobile USB device (or if you have a laptop a mobile hotspot) rather than going through your home network/internet router.
It would be interesting to see how many are keeping their Windows XP machines and for what purpose. This site doesn’t allow comments but all articles are shared on social media so feel free to post any replies using those channels or to like or share this yourself.