Deadlines are scary. I know. And Microsoft has thrown Windows 7 users a big one: Update to a more modern operating system by January 15, 2020, or you’ll never receive security updates ever again. Eventually, Microsoft will even start disabling key Windows 7 services—like Internet Backgammon and Internet Checkers—throughout the year.
I’m being a little lighthearted about this, but Microsoft’s abandonment of Windows 7 is a cause of concern for many. Lifehacker reader Douglas recently wrote in with this question:
“I was reading your writeup regarding Windows 7 and I really cannot afford to upgrade at this exact moment. Is it catastrophic if I don’t upgrade now? Thanks in advance for your help”
Catastrophic? No. If you’re still clinging to Windows 7, odds are good that you’re using it to address simple handful of simpler needs—sending email, browsing the web, etc. That, or perhaps you have a few specific applications that don’t work with future versions of Windows, or you might even be running Windows 7 on old hardware that can’t handle the upgrade for whatever reason (speed or available space).
Windows 7 will keep working come January 15. However, now that Microsoft won’t be releasing any more security updates for the operating system, it’s true that Windows 7 will be more vulnerable to attack. No question there.
However, I’m willing to go out on a limb and say that you’ll be able to mitigate most issues with some good common sense. In Lifehacker terms, that means thinking hard about your cyber-security setup at home and doing everything you can to ensure that software doesn’t get on your machine that can take advantage of any vulnerabilities that will not be patched going forward.
Were I still using Windows 7, I’d go the nuclear option. I’d install some variant of Linux on my system and run Windows 7 in a virtual machine, thereby giving me a fresh, updated system to work with for everyday activities, and access to Windows 7 for any super-specific apps or services I need to use. It’s not a tricky process, but it’s possible that setting up this kind of a configuration might be over the heads of many people still using Windows 7. That, or your system is too underpowered to run a VM. (I’ll likely write a guide for this next week, so stay tuned!)
Otherwise, there’s plenty else you can do to keep yourself as protected as possible from exploits while you cling to the sweet familiarity of Windows 7. The list is pretty comprehensive:
- Make sure you’re using a router that’s still receiving firmware updates from its manufacturer (as in, not something that’s six years old). Keep your router updated and make it as secure as possible.
- Don’t use an administrator account for everyday tasks. Use a standard account, and switch to an administrator account for any settings you need to change (if needed). Switch back when done.
- Use an antivirus that will still be updated after Windows 7’s end-of-life date. (I recommend BitDefender’s free version.)
- Regularly scan your system with a free anti-malware utility. Keep this utility updated.
- Keep your system’s BIOS as up-to-date as possible (if it’s not ancient)
- Keep critical Windows security features on (like Windows Firewall), and disable or remove features you don’t need (Java, Adobe Flash Player, Quicktime, Shockwave Player, et cetera). Similarly, remove any other junk you’ve stashed on your system—browser toolbars, apps you don’t use, et cetera.
- Don’t download files you were sent that you don’t recognize. Don’t open files that your browser downloaded on your behalf.
- Skip Internet Explorer and use a browser that has your privacy and security in mind. Run uBlock Origin and uBlock Origin Extra, Privacy Badger, and HTTPS Everywhere at minimum.
- Use a third-party DNS to help you stay safer while you’re browsing.
- Run unknown apps in a sandbox while you confirm they’re safe to use.
- Back up your system and its critical files right now. Save that backup in a safe location, in case your Windows 7 system gets hit with some kind of horrible malware and you have to start from scratch.
- Consider encrypting the most important data you store on your system.
- Keep your system’s apps as updated as possible.
- See if you can hack your way into getting free Windows 7 updates for a few more years.
And here’s an even crazier idea; if you don’t need the web on your Windows 7 machine for whatever reason, then just disconnect it. The odds of your system being hacked just plummeted, so long as you don’t go around plugging random USB keys into your computer.
I don’t want to come out and say that there’s a picture-perfect way to secure Windows 7 starting January 15 (aside from unplugging your computer from the web). I’m guessing that most attacks will initiate from user activity; as in, some kind of phishing attempt or malware will trip you up, and this will be how a rogue app infects your system and exploits your older OS. If you practice some cybersecurity common sense, you should be able to avoid most (or all) of these instances.
That’s not to say that you should cling to Windows 7 forever. No operating system is one-hundred-percent secure, but I’d much rather stick with an operating system Microsoft is actively patching than one that it isn’t. Conversely, even if you bump up to Windows 10, you should still follow the instructions in this article, where applicable. Having solid security practices is one of your best lines of defense against malware, viruses, and other unpleasant digital issues.
Do you have a tech question keeping you up at night? Tired of troubleshooting your Windows or Mac? Looking for advice on apps, browser extensions, or utilities to accomplish a particular task? Let us know! Tell us in the comments below or email email@example.com.