How to protect your Windows XP system after April 2014
You know by now -- probably - that Microsoft will retire the Windows XP operating system for good come April 2014. It is also likely that you won't notice lots of changes after that day, at least not initially.
While new security patches won't be released for Windows XP, everything else will work just like it did before.
The core issue here is that new vulnerabilities that are detected after end of support won't get fixed anymore, leaving the system vulnerable to these kind of attacks.
That's a problem that Windows XP users have to take care of. While some may upgrade to Windows 7 or 8, or switch to Linux instead, others may not want to do so.
If you are one of those users, who wants to keep running XP on the PC, you may want to improve the protection of the system, especially if you connect to the Internet or networks regularly.
The tools of the trade
You can mitigate many dangers with an open mind and experience. Basically, don't open unknown executable files, email attachments, or click on links if you are asked to do. There is more to that, but that is better left for another guide.
This guide looks at software that you may want to run on Windows XP after April, or right now if you want, to make sure the system is protected from most dangers it faces after end of support.
Lets get started.
A sandboxing application is highly recommended. Sandboxie puts the browser, or other high profile targets that you select, in a sandbox on the system which limits interaction with the underlying system. While everything works as before, malware and attacks targeting programs that run in the sandbox won't affect the underlying system automatically.
Sandboxie can be used free of charge with some limitations. There are alternatives available, such as BufferZone Pro.
2. Exploit Mitigation
If someone manages to attack your system and get past the system defenses, it may still be possible to block the attack. This is were exploit mitigation tools such as EMET or Anti-Exploit come into play. EMET is a Microsoft program which means it is not clear if it will remain available after end of support.
The programs detect common exploit attempts and block them from being executed properly.
A firewall controls network traffic. It allows or denies connection attempts based no rules that are either configured automatically, or set by the user.
It is highly suggested to add a firewall to Windows XP. If you are using security software, it may come with a firewall. If not, use something like Comodo Firewall, Private Firewall or Outpost Firewall Free (direct link, program no longer updated) instead.
You do need proper antivirus protection as well. While a lot can be handled with common sense, having a second line of defense on your system is recommended.
Do not just rely on Microsoft Security Essentials, as it is too basic in terms of protection and detection to be efficient. Instead, use a better product such as Avast Free Antivirus, or Bitdefender Antivirus Free for protection.
Now that we have covered security software, it is essential to go over other important security aspects.
I recommend that you keep all programs that connect to the Internet up to date at all times. You can use a program like SUMO for that to make things easier.
Especially web browsers, email clients, messaging software, and browser plug-ins need to be up to date. As far as plug-ins are concerned, if you do not need them, uninstall them. If you do not need Java, uninstall it, or at the very least, cut its browser connection.
It may make sense to run security extensions in your browser of choice as well. I highly recommend NoScript for Firefox, but there are others that you can use instead. Check out our Firefox or Chrome recommendations.
There is no need to panic right now. If your system is properly protected, it is unlikely that XP's end of support will have a huge impact on it. While it is still recommended to switch to a supported operating system, you can make it a lot harder for attackers to gain access or control of your system.
On a global scale, I’d be willing to bet there will still be a large number of XP users after April. Too bad MS doesn’t “think”. They have enough resources whereas they could develop more than one OS. Go ahead and continue with the Windows 8 breed, but also create a MS division to develop a new breed of desktop workhorse based on their most successful OS…XP.
Sandboxie and Anti-Exploit won’t work together as you can’t inject anything into sandboxed process.
But Anti-Exploit works well on the rest of the system.
I use FF in Sandboxie for most things. When I start FF in Sandboxie I get the Anti-Exploit flyout. But if I start FF outside Sandboxie I don’t get the flyout at all. So it seems on my computer that the opposite of what you’ve said is true. I’ve also contacted Malwarebytes. They said the same thing you’ve said, but when I told them what was happening on my computer I got no further response.
Sorry for my previous post. I was referring to a different program, so please disregard. I’d delete it all if I knew how or could, and Martin, if you can and would like to, please do so. Thanks, and sorry for any confusion.
Can I run Comodo or either of the other two listed Firewalls along with AVAST? Checking out their websites, they look like combos of firewall/anti-virus applications.
Is that a version of Avast without firewall? Then yes, that should be possible. Just make sure you download a standalone firewall product and not a security suite.