Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can Windows still be safe when it no longer receives updates?


  • Please log in to reply
10 replies to this topic

#1 SuperSapien64

SuperSapien64

  • Members
  • 922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 05 August 2015 - 11:12 PM

After the release of Windows 10 Microsoft said they'll Windows 7 till 2020 so that's only five years of support. So my question is with the right security software is it possible to make an outdated version of Windows secure enough for everyday use?



BC AdBot (Login to Remove)

 


#2 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:12:35 AM

Posted 05 August 2015 - 11:20 PM

Who knows what the security software market or device market will be like in 5 years?

 

Currently it is possible, but ill advised.



#3 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 05 August 2015 - 11:51 PM

Well I've heard of XP users using Sandboxie to secure themselves when surfing the web.

I mean if I use a combination of Avast free, MBAM Premium, SBIE,Shadow Defender, Comodo Firewall free Unchecky & Zemana Antikeylogger free surely that would make secure enough for some basic web-surfing. I really don't like what I'm hearing about Windows 10 I think I'm going to stick with Windows 7. BTW there are a lot of government branches and companies that still use Windows XP but is this how some of the government branches companies got hacked in the past?

And at the very least there is always Linux. :love4u: :thumbup2:



#4 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:12:35 AM

Posted 05 August 2015 - 11:54 PM

And at the very least there is always Linux. :love4u: :thumbup2:

This...

 

No need to run outdated crummy insecure Microsoft OS's on older hardware for everyday computing. There are great new Linux distros out that are user friendly and very secure. (and free)



#5 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 06 August 2015 - 12:59 AM

 

And at the very least there is always Linux. :love4u: :thumbup2:

This...

 

No need to run outdated crummy insecure Microsoft OS's on older hardware for everyday computing. There are great new Linux distros out that are user friendly and very secure. (and free)

 

Especially with a properly configured firewall, on-access AV, security module (App Armor), Firejail, Timeshift and of course keeping your software up to date.



#6 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,268 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:35 AM

Posted 06 August 2015 - 04:32 AM

 

Can Windows still be safe when it no longer receives updates?

The simple answer is NO, It is not safe to use an unsupported operating system. In the last few months there have been several big exploits for all operating systems Linux Windows and Mac and the only way to make those systems safe was to get updates.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:35 AM

Posted 06 August 2015 - 05:38 AM

Using unpatched and unsupported Windows systems on the Internet is a security risk to everyone as they are prone to attack from hackers, Botnets, zombie computers and malware infection. When there are compromised computers connected connected to the Internet, malware spreads faster and more extensively, distributed denial-of-service attacks are easier to launch, spammers have more platforms from which to send e-mail and more zombies are created to perpetuate the cycle. Without upgrading, you are wide open to infection and other high security risks which are prone to an outdated operating system.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 rp88

rp88

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:35 PM

Posted 06 August 2015 - 12:29 PM

Windows systems without security updates (like xp) are risky, windows systems without security updates where the user is using internet explorer as a browser are asking for trouble. A lot of windows' security updates are security updates for IE, they are very often updates to prevent drive-by remote code execution(exploits). Using an un-updated version of IE almost guarantees you will get infected.


Switching to another browser is crucial for anyone on xp or on windows 7 in the future when it becomes unsupported. If you switch to firefox with noscript you are as well protected as a browser can be. Noscript also blocks fonts, which are sometimes a source of vulnerabilities which can lead to exploits.

Other windows vulnerabilities also exist, which updates are released to patch, these can be equally dangerous. It could be suggested these ones aren't so commonly exploited as browser vulnerabilities, but they can still operate in a similar way (user visits website, and boom, they get infected without having to have done anything), using a safer browser than IE will not be enough to protect users from these.

If a user never opens IE, runs a scriptblocker in the browser, keeps all their programs up-to-date, runs a good antivirus and a good antimalware, runs an anti-exploit program (like malwarebytes anti-exploit), and runs some sort of whitelisting (so only exe files they have previously approved can be run) then there is a chance they can be safe on an unsupported OS, but they are still very vulnerable. Unless they have no other option it is best to switch OS, given what windows 10 seems to be, linux might be a better choice for them.

Edited by rp88, 06 August 2015 - 12:29 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:35 AM

Posted 06 August 2015 - 03:38 PM

2020 is still five years away. Who knows what new technological and security developments will arise between now and then. Microsoft could even reconsider and extend support for Windows 7.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 06 August 2015 - 04:26 PM

Windows systems without security updates (like xp) are risky, windows systems without security updates where the user is using internet explorer as a browser are asking for trouble. A lot of windows' security updates are security updates for IE, they are very often updates to prevent drive-by remote code execution(exploits). Using an un-updated version of IE almost guarantees you will get infected.


Switching to another browser is crucial for anyone on xp or on windows 7 in the future when it becomes unsupported. If you switch to firefox with noscript you are as well protected as a browser can be. Noscript also blocks fonts, which are sometimes a source of vulnerabilities which can lead to exploits.

Other windows vulnerabilities also exist, which updates are released to patch, these can be equally dangerous. It could be suggested these ones aren't so commonly exploited as browser vulnerabilities, but they can still operate in a similar way (user visits website, and boom, they get infected without having to have done anything), using a safer browser than IE will not be enough to protect users from these.

If a user never opens IE, runs a scriptblocker in the browser, keeps all their programs up-to-date, runs a good antivirus and a good antimalware, runs an anti-exploit program (like malwarebytes anti-exploit), and runs some sort of whitelisting (so only exe files they have previously approved can be run) then there is a chance they can be safe on an unsupported OS, but they are still very vulnerable. Unless they have no other option it is best to switch OS, given what windows 10 seems to be, linux might be a better choice for them.

OK so could a combination of SBIE and Shadow Defender help protect against unknown/other vulnerabilities for XP or any unsupported version of Windows?

 

2020 is still five years away. Who knows what new technological and security developments will arise between now and then. Microsoft could even reconsider and extend support for Windows 7.

Good point. And new technological and security developments such as application & URL white-listing are a couple that come to mind.



#11 rp88

rp88

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:35 PM

Posted 07 August 2015 - 11:43 AM

Post #10, Running noscript, malwarebytes anti-exploit, a good antivirus, a good anti-malware, a second opinion scanner, and a program (there are many aimed at preventing ransom attacks but they block other types of virus too) to whitelist known exe files and block all unrecognised ones is how you would begin to protect an OS which was no longer getting security updates, but there can still be some types of vulnerability in windows which even all this won't protect against.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users