Tucked in an epsiode of podcast “Security Now” on iOS security, Steve Gibson gave a level headed discussion and practical advice for folks continuing to use XP into 2014, “”Five Steps for XP Usage Past April 8th”. I’ve extracted his advice from the podcast and added my comments here, the full audio and a pdf transcript are linked and in the references below. This guidiance is valuable for all versions of Windows, but especially important to those who continue to use Windows XP.

1. Make Yourself a Limited User
   
   Now it is called “standard” user, but both are users without administrator rights. If you do nothing else, lower your privileges (and that of malware that attack your machine) by switching from and Administrator user account to a Limited user account. (A better name would be “Protected” user.)
   See Paul Kenyon’s article on the Avecto blog for more about the protection offerred by NOT being an administrator.
   
   First go to Control Panel | Users and create a new user with Administrative rights so you can log on to this user the rare times you need full privileges, (like installing a new program). I called my user TECH. After setting up the new user, log in by logging off your using account via the shutdown process switching to TECH. This first time some housekeeping will be done. After you get a desktop, go to Control Panel and modify your user account to Limited. Shut down and log in as usual and you’re protected.
   
   When you need to install a program, (such as the browsers below) or make changes (such as removing Flash and Java, see below) you can try to right click the icon and “Run as Administrator” but with XP, you probably should plan on logging out for your account and logging into the Administrator account when you need to install a program. Then restart the computer and log into your main (limited) account to use the program and the computer.
   
    
2. Remove Flash and Java
   
   While Flash and Java will continued to be updated even on XP systems, they are avenues for malware to enter your system. Control panel’s add/remove programs (from an account with administrator access!) will allow you to remove these helper programs that are can be hijacked by malware authors. A variation is to offer an officila looking update to Flash or Java that is not an update but malware.
   
   This article by Sue Marquette Poremba discusses the concerns with Java and offers a middle ground.
   
    
3. Use Chrome or Firefox instead of Internet Explorer
   
   Chrome and Firefox will continue to be updated and supported on Windows XP. Internet Explorer is stuck at version 8 (first released in 2009)
   
   A discussion of browsers for XP users is in this article by Chris Hoffman..
   
   
4. Use an Office Alternative
   
   Since Office 2003 updates end as well, moving from Microsoft Office to an alternative program is recommended. Steve Gibson likes LibreOffice which is a “fork” or descendent of OpenOffice. Other folk, such as the good folks on PC RadioShow on WBAI recommend KingSoft Office Suite.
   
   I use LibreOffice but others are fine and supported on XP.
   
   
5. Practice Safe Surf
   
   No matter how secure a building is, if someone (you!) let mischief makers inside-bad things will happen. So be safe no matter what your operating system is.
   
   - Do NOT open unexpected email attachments, confirm by phone/email before opening
   - Do NOT click on “you must see this!” links or links you are not expecting or confirmed
   - Do NOT click on Urgent Update notices or Download this viewer links 
   - Hang up on any “Microsoft rep”, or others who CALL YOU and want access to your computer