![]() |
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Keep Running Windows 7 Safely for Years to Come
Home › Forums › AskWoody support › Windows › Windows 7 › Win7 beyond End-of-life › Keep Running Windows 7 Safely for Years to Come
- This topic has 142 replies, 27 voices, and was last updated 6 days, 14 hours ago.
Viewing 0 reply threads-
AuthorPosts
-
-
November 6, 2019 at 1:19 pm #2000524
Cybertooth
AskWoody PlusAs Windows 7 approaches the expected end of monthly security patching next January, Windows 7 users who have hesitated to switch to Windows 10 face the critical choice of whether to accept Microsoft’s newest operating system; to switch to an altogether different platform such as Linux, Mac, or Chrome OS; or to look for a way to protect their favorite OS into 2020 and beyond.
In my case, I have decided to implement a multi-layered defense strategy which, I am confident, will make it possible to use Windows 7 without worries while I continue the slow transition to Linux (Kubuntu). The defensive layers include, in no particular order:
* Resident anti-virus software. My main Windows 7 machine is currently on BitDefender Free, but there are many other good free and paid AV solutions out there.
* Resident anti-exploit software. Several choices are available, such as Malwarebytes Anti-Exploit (MBAE) and Microsoft’s own EMET, but I use HitmanPro.Alert as it also offers keystroke encryption.
* On-demand scanners to catch any baddies that might have gotten past the main defenders. I cycle a variety of free scanners including Malwarebytes Anti-Malware Free (MBAM), Sophos Virus Removal Tool, F-Secure Online Scanner, Norton Power Eraser, and ESET Online Scanner. (Once again, there are others, free and paid.) At least occasionally, run the rootkit scanning feature, if available (usually requires a reboot).
* Use a Web traffic-filtering browser extension such as Norton Safe Web or Bitdefender TrafficLight, and/or a security-oriented public DNS resolver such as Quad9, for your Web browsing.
* Keep your router firmware updated, if possible, and consider increasing the router’s hardware firewall settings (it may come set to a medium level that’s less hassle, but offers lower protection). Learn how to block websites and URLs at the router.
* Use a software firewall that will explicitly ask your permission when new programs try to access the Internet for any reason. Over time, you will train the firewall to allow trusted programs and the number of notifications will fall to just new (and possibly unknown) programs. ZoneAlarm Free Firewall is set to ask you “out of the box.”
* Keep your browsers (plus their extensions/plugins) and other programs updated.
* Use ad-blocking extensions on your browsers, as malvertising is one of the main sources of infection nowadays. My main choice for this is uBlock Origin, although I’ve also used Ghostery.
* Change your Windows account from the default administrator account to a standard user account, which has fewer rights to install software and make changes to the system. (You will have to enter a password to do those sorts of things.) This prevents malware from exploiting your administrator status to make changes behind your back, and research suggests that this one measure alone prevents upward of 90% of attacks.
* Use an extensive Hosts file to stop your computer from being led to sites that serve up malware. I also use it to block Facebook, which some researchers claim follows you around the Web even if you don’t have a Facebook account. You can obtain ample Hosts files from here or here.
* Additional protections: I have installed OSArmor by NoVirusThanks and have had a good experience with it. The program, over time, builds a whitelist of programs that you have approved to run on your PC. I am also considering BlackFog Privacy and VoodooShield as useful, supplemental layers of defense; reports on the security community Wilders Security indicates a high degree of compatibility and satisfaction for both of these products.
* I am evaluating 0patch, by Acros Security. This is a service that injects on-the-fly patches to software that no longer receives updates from its vendor. I am currently using it on a Vista test machine and have experienced no problems, although I’m not sure yet how useful it might be as it has rarely kicked in to do its thing. For a more thorough test, I may need to install 0patch on my main Vista PC, but for now at least I’ve determined that it doesn’t make Vista crash or slow down. When Windows 7 goes EOS, 0patch could conceivably fill in for the bulk of security patches that Win7 will not receive.
* Finally, back up the PC (data and programs) regularly. If all else fails and you get infected, you will then have a reasonably current copy of your computer that you can install over the infected system. There are numerous image backup solutions out there; I use the free version of Macrium Reflect.
* * * * *
You might think that there is considerable overlap in the kinds of protection offered by the above set of measures. And you would be right: the defenses feature a moat, trenches, walls, minefields, sentries, snipers, archers, machine-gun nests, early-warning systems, Patriot missiles, deflector shields, and an escape tunnel. I have deliberately built redundancy into the strategy, so that whatever one misses another one will stop. I’ve neither experienced nor heard of any incompatibilities affecting computer usability. (The only caution is to avoid using multiple resident AV programs at the same time, for example BitDefender and Kaspersky.)Is this paranoid? No more so than the folks who tell us that you must patch right now or you’re doomed, or that you must upgrade to Windows 10 when Win7 goes EOS or you’re doomed.
With this combination of defensive measures, I have every confidence that my Win7 box will remain well protected for as long as I care to use it. So long as security vendors continue to support Windows 7, and Win7 browsers continue to load websites, I don’t see any great impediment to keeping this Windows 7 system connected to the Internet for the foreseeable future.
Total of 33 users thanked author for this post. Here are last 20 listed.
-
-
AuthorPosts
Viewing 0 reply threads -
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search Newsletters
Search Forums
Recent Replies
-
Kathy70 on New computer setting up – ‘Apps’ disappeared from Settings
-
doriel on Can you check your user name?
-
doriel on Can a swapfile be put on an SD card?
-
PFC on Is IT Skill Set Sustainable?
-
doriel on Try to fix one thing, break another
-
doriel on Try to fix one thing, break another
-
Alex5723 on Medical ID on iPhone… WTH Apple?
-
arfurdent on Medical ID on iPhone… WTH Apple?
-
anonymous on Try to fix one thing, break another
-
doriel on Try to fix one thing, break another
-
Alex5723 on Try to fix one thing, break another
-
doriel on Try to fix one thing, break another
-
OscarCP on Try to fix one thing, break another
-
Alex5723 on Try to fix one thing, break another
-
doriel on Office365 colors
-
Paul T on Starting up my Chromebook
-
Susan Bradley on Try to fix one thing, break another
-
Alex5723 on Tasks for the weekend – February 20, 2021 – it’s Squirrel away time
-
Alex5723 on iTunes preferred method to update iOS?
-
Paul T on raid config broken now only one drive visible
-
Paul T on Find & Replace
-
Paul T on New computer setting up – ‘Apps’ disappeared from Settings
-
Zig on Try to fix one thing, break another
-
Paul T on Bleeping computer reports Flash patch force installed
-
Paul T on Tasks for the weekend – February 20, 2021 – it’s Squirrel away time
-
Paul T on Try to fix one thing, break another
-
OscarCP on Try to fix one thing, break another
-
E Pericoloso Sporgersi on Try to fix one thing, break another
-
Nathan Parker on iTunes preferred method to update iOS?
-
OscarCP on Try to fix one thing, break another
Recent Topics
-
MacOS : Supplement Spotlight with Alfred 4 and LaunchBar 6.1
2 hours, 12 minutes ago
-
Try to fix one thing, break another
1 hour, 3 minutes ago
-
Outlook print format different for contact phonebook between Outlook 2013/2016
12 hours, 30 minutes ago
-
Styles.Visibility
12 hours, 19 minutes ago
-
Windows 10 Insider Preview build 20322 released to DEV Channel
13 hours, 56 minutes ago
-
Medical ID on iPhone… WTH Apple?
1 hour, 20 minutes ago
-
Is IT Skill Set Sustainable?
52 minutes ago
-
Large Norton Update
12 hours, 36 minutes ago
-
Transparent content in dragged window
15 hours, 40 minutes ago
-
raid config broken now only one drive visible
4 hours, 30 minutes ago
-
USB Mouse Causes Laptop Black Screen
15 hours, 38 minutes ago
-
Windows 10 Feature Experience Pack 120.2212.3030.0 (20H2 &21H1) released to Beta
13 hours, 43 minutes ago
-
Office365 colors
4 hours, 17 minutes ago
-
Frys electronics is closing
9 hours, 49 minutes ago
-
MS Edge Webview2 Runtime Installed?
23 hours, 44 minutes ago
-
Looking for graphic equalizer for Windows 10
1 day, 1 hour ago
-
Can a swapfile be put on an SD card?
38 minutes ago
-
Dm to bradley
1 day, 8 hours ago
-
Starting up my Chromebook
4 hours, 24 minutes ago
-
Veeam now working with kernel 5.8 in experimental branch
2 days, 9 hours ago
-
Microsoft changed my local account to a Microsoft Accountt
1 day, 18 hours ago
-
“Unwelcome” Open Windows Display
2 days, 12 hours ago
-
iOS 14.5 makes it harder for hackers to develop zero-click exploits.
2 days, 17 hours ago
-
New computer setting up – ‘Apps’ disappeared from Settings
9 minutes ago
-
Ver 2004 Update – Device Updates help
2 days, 10 hours ago
-
can not create new folder
2 days, 16 hours ago
-
All Browsers Fail!
1 day, 18 hours ago
-
How to create a bootable macOS installer
3 days ago
-
How to create a bootable macOS installer
3 days, 4 hours ago
-
Amazon’s new ‘same-day nodes’ will displace postal deliveries
3 hours, 33 minutes ago
Search for Topics
Recent blog posts
- Try to fix one thing, break another
- Frys electronics is closing
- How to create a bootable macOS installer
- Amazon’s new ‘same-day nodes’ will displace postal deliveries
- Glacially slow, 10-minute boot times!
- The latest vulnerabilities in the network stack
- Freeware Spotlight — FastCopy
- Changes to policies
Key Links
Copyright © 2004 – 2021 AskWoody Tech LLC. All rights reserved.