I do a lot of work on a Windows 7 desktop PC that is about five years old. I’m a widow and can’t afford to run out and get a new PC at this time, or pay for Windows 10. If I do stay with Windows 7, what should I worry about, and how can I protect myself? I have been running Kaspersky Total Security for several years, which has worked well so far. Marcy
Microsoft Windows 7 – launched in 2009 – came to the end of its supported life on Tuesday. Despite Microsoft’s repeated warnings to Windows 7 users, there may still be a couple of hundred million users, many of them in businesses. What should people do next?
To begin with, Windows 7 will not stop working, it will just stop receiving security updates. Users will therefore be more vulnerable to malware attacks, particularly from “ransomware”. We saw how dangerous that can be when WannaCry took over unpatched PCs in the NHS and other places. It was so bad that Microsoft released a patch for XP, even though it was out of support.
There are reasons to be fearful, because of the way the malware industry works.
On the second Tuesday of every month, Microsoft releases security patches that should be installed automatically by Windows Update. The malware industry analyses these patches to find the holes, and then looks for ways to exploit them. A lot of the code in Windows 10 goes back to Windows 7 and earlier versions. As a result, some of the security holes in Windows 10 will also be present in Windows 7, but they won’t be patched.
Malware writers don’t normally target out-of-date operating systems, because they don’t usually have many users. In this case, as with XP, there could be millions of relatively easy targets.
The British government’s National Cyber Security Centre (NCSC) told the BBC: “We would urge those using the software after the deadline to replace unsupported devices as soon as possible, to move sensitive data to a supported device and not to use them for tasks like accessing bank and other sensitive accounts.” That’s good advice.
The NCSC’s website suggests some “short-term steps to take when you can’t move off out-of-date platforms and applications straight away”. It’s aimed mainly at government departments and businesses, and isn’t specific to Windows 7.
The core advice boils down to this: avoid coming into contact with any malware, and make sure you have nothing to lose. The first is basically impossible in a world where malware can be served via advertisements (“malvertising”) even on respectable websites. The second is tedious but essential.
While you can’t patch Windows 7, you can make sure your other software is patched. That applies to browsers in particular. Fortunately, the main browser suppliers will keep updating them, and Google has said: “We will continue to fully support Chrome on Windows 7 for a minimum of 18 months from Microsoft’s end of life date, until at least 15 July 2021.”
Eventually, however, they’ll stop testing their browsers on Windows 7 because it’s expensive and will only serve a shrinking number of users.
If you can’t avoid malware completely, try to avoid untrusted or insecure websites. Major name-brand websites should be reasonably safe, including your bank’s. Sources of free, pirated or “adult” stuff are generally less so. But, sooner or later, your bank will decide that it’s too risky to deal with people who have vulnerable computers, and prevent you from logging on.
Running good anti-virus software and a firewall should help minimise the risk, so it may be worth paying for something like Kaspersky Total Security. However, no security software is foolproof, and it won’t patch your unpatched operating system.
You must also be super-suspicious about emails, and never click unsolicited attachments. According to Precisesecurity.com, spam and phishing emails caused 67% of ransomware infections in 2019, causing $4bn (£3.1bn) worth of damage.
The best defence against ransomware and other serious attacks is not having anything to lose. Keep copies of all your valuable data on external hard drives and thumb-drives and possibly online, and as little as possible on your Windows 7 PC. Make daily backups to a storage device that is not otherwise attached to your PC, and keep a current disk image handy. You’ll never have to pay a ransom if you can just wipe the infected drive and restore your PC from a backup.
Replacing Windows 7
Given the risks of running Windows 7, users should plan to replace it as soon as possible. The options include Windows 10, Linux and CloudReady, which is based on Google’s Chromium OS. In effect, it turns your PC into a Chromebook.
Windows 10 is the best option for most ordinary Windows 7 users. Although it has some additional stuff, Windows 10 still has most of the features of Windows 7, and you can make it look much the same. It will run most, if not all, of your existing software, and you will have to do the least amount of relearning. Decades of Windows experience will still be useful.
Microsoft offered Windows 7 users a free in-place upgrade to Windows 10 during the year after its launch, and it would have been sensible to take it. Since then, you have been able to download a copy of Windows 10 and use Microsoft’s media creation tool to upgrade Windows 7 either directly or from a thumb-drive. So far, most users who have tried this and entered their Windows 7 product key have had their copy of Windows 10 authenticated. I can’t say whether that will continue to work. However, Microsoft wants people off Windows 7 and on to Windows 10, so it’s worth a go. Just skip the part where it asks for a product key, and leave it for later.
If you install Windows 10, you can use it for a month. After that, you will get a “watermark” on your desktop that says it isn’t authenticated, and Microsoft will nag you to do it. You will also lose personalisation options, so you won’t be able to change the wallpaper, themes, lock screen and so on, but it will continue to work. Using an unauthenticated copy of Windows 10 is not a long-term solution, and it’s a bad idea for businesses, which can pay for extended updates. However, if you’re a Windows 7 home user, it gives you more time to decide what to do.
Alternatively, keep Windows 7 for offline use, and use a “live Linux” for internet access.
Many people are familiar with the idea of running Linux from a “live CD” or DVD, which doesn’t interfere with the current desktop operating system. There are not many DVD drives around nowadays, so the modern equivalent is to run it from a thumb-drive. You can create one with a tool such as Rufus or LinuxLive USB Creator. Thumb-drives are slow, so you won’t get great performance, but it will keep you safe online. You’ll also find out if you can live with Linux.
Get a ‘new’ PC
The problem with buying Windows 10 Home from the Windows Store is the price: £119.99. You can buy laptops running Windows 10 for less than that, and usable laptops for not much more. For example, you could get a brand new Asus VivoBook E203 (11.6in screen) from Argos for £159.99, or a VivoBook E406 (14in screen) for £179.99. Both have slow Intel Celeron N4000 processors and 4GB of memory, and they are called “cloudbooks” because of their limited 64GB of storage. Like Chromebooks, they are designed to work online. Unlike Chromebooks, they can run Microsoft Office and other Windows programs.
A better buy would be an Asus X540MA with a Pentium Silver N5000, 4GB of memory and 1TB hard drive for £239.99 at eBuyer.
Alternatively, you could buy a refurbished laptop or desktop already running Windows 10. For example, Tier1Online has a small ex-corporate HP desktop with a Core i3-3220 processor, 4GB of memory, 500GB hard drive and one-year guarantee for £99. It has lots of ThinkPad laptops at prices from £169 (X240 with an i3-4010U and 4GB) or less to £249 (X1 Carbon with an i5-4210U, 8GB and a 128GB SSD) or more. Tier1Online will also add extra memory and SSDs to most of its machines, if required. You can extend the guarantee to three years for £40.
You can also buy refurbished laptops from Morgan and various suppliers on Amazon or eBay. GetOnline@Home is a government-backed scheme that offers extra discounts to people on benefits, and there are other sources.
Windows 7 hasn’t been current since 2012, when Windows 8 was launched. Processors have advanced a lot since then, and SSDs have mostly replaced hard drives. Somebody else’s cast-off PC may be newer and faster than the one you’ve been using for five or 10 years.
Have you got a question? Email it to Ask.Jack@theguardian.com