Despite XP’s end of support, Microsoft is still going to release the fix for the recent Internet Explorer vulnerability for the ageing operating system.
Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today. We made this exception based on the proximity to the end of support for Windows XP. The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.
If you’re still on Windows XP, you deserve to be insecure. Get a modern operating system – Windows 7/8, OS X, Linux, anything. XP is outdated crap, and it’s time to move on.
It’s funny to see how Microsoft is spinning this as “we did it because of proximity to the end of support” when the true reason is the liability of having 30% of Windows users with this bug.
That said, so long as I have to pay to upgrade I won’t.
No, I don’t use WinXP. The only Windows system in my house is my wife’s Vista system which won’t get a new version of Windows ever; it’ll become a Linux system once she gets a new system…some day.
In the meantime that is exactly the sentiment that XP users have; they’d probably upgrade to Win7 if it was free, easy, and reliable to do so – but Microsoft made that really hard by not providing an XP to Win7 upgrade path (even when Win7 was brand new – you had to go to Vista first).
So now it’s biting them back.
Large corporations have many word spinners.
With Windows XP still used by around 30% of all web surfers, the potential liability around a bug which came into existence well before the EOL, and became publicized just after the EOL, was likely felt too large to just ignore it.
Also, as far as I understand, a number of other Windows products (Embedded and Server) still in active service with full support will be updated to deal with the bug. Thus, there would be minimal additional expenditures involved with delivering an update for Windows XP.
With respect to the apparent refusal to upgrade of this 30% of all web surfers, it likely that they are not willing to go through the financial pain of purchasing a full Win7 product and the aggravations of migrating applications and data post-upgrade.
Furthermore, they probably got Windows XP when they purchased their current systems and will upgrade only when they need to replace it – if they are replacing it with a Windows based desktop. Some may have already migrated to a tablet for a lot of the web related tasks they do and have kept the Windows XP dinosaur only for the apps not yet existing on their tablets.
Bullshit, they did the same thing with WinNT in 2006 and WinNT wasn’t anywhere close to 30% back in 2006. the reason why is obvious to anybody that is thinking rationally, MSFT knows that script kiddies wait for EOL to get some free jabs in, just as they wanted with WinNT, so by giving a 3-4 month grace period they are able to smacj down the script kiddies before walking away which i would argue is not only smart but shows they know how the malware writers work.
And don’t even start preaching Linux, until you can show a system that passes the Hairyfeet Challenge its gonna stay a 1% OS that is unsuitable for 99% of the population as nobody is gonna deal with “open up bash and type” or having their wireless crapped on every year when the upgrade death march rolls around because some “genius” dev decided to move a pointer.
Except those same script kiddies would just wait the extra 6 months or year…sorry but that’s just BS.
So the Linux User’s Group I’ve been part of has set up linux systems for groups and not had any issues with those groups needing to use CLI – they typically use a Ubuntu derivative.
I’ve also setup Linux for people and had the same experience.
Ultimately, CLI is not required on any modern, main-stream Linux distro (take your choice) any more than it is on Windows. And yes, there are still quite a few tasks on Windows that require CLI access. For instance, there was a major bug in the Windows Vista Windows Update functionality that required CLI access to change permissions on files in order get Windows Update to work again – same bug also occurred in Win7.
They set a precedent that will let corporate laggards stay on the ancient version of IE for even longer… Meh.
Thom, that is nice of you to be buying people new computers. Where do we send the bill?
I double this. There are a lot of computers around that aren’t simply powerful enough to run Win7.
But then, I do not expect M$ to actively support XP but as with the IE bug: Such thing should be fixed. Or: MS should move the XP sources over to GIThub 🙂
Then they must be more than 10 years old. I knew I remembered some reviews of Windows 8 and I found some by Googling “Windows 8 on 10 year old computer”.
Windows 8 runs fine and about the same as XP on a P4 with 1 GB RAM and a 20 GB hard drive.
Considering my luck with old hardware, I doubt that there are very many computers older than that still running. I do have a 1998 computer that will still run Linux. But I had to completely replace the cooling fans a couple of times and the hard drive.
My other old computers died pretty hard with failed power supplies and bad motherboard capacitors.
I really doubt there are a lot of 512 MB Pentium IIIs still running out there.
Virtually all desktops (and most laptops) built in the last 15 years can run Windows 7.
My deskop is nine years old and has an Athlon 4000+ and 4GB RAM.
Based on… your personal system alone?
Some very old systems can run Win 7 ok with what was a decent graphics card at the time but most laptops and business desktops have Intel graphics, you don’t even need to go back as far as 10 years to find totally unsupported hardware.
https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=1862&…
Mainsteam laptops and desktops with Intel 915G chipsets run XP buttery smooth even with the lowest end CPU from the time and as little as 512MB RAM but are totally useless at Windows 7.
I have an old IBM PC 365 Pentium Pro Dual with 256 Mb still running fine after all these years. It is like 20 years old now. Of course, it does not run Windows. I still fire up it from time to time just to check things. The only thing I changed on it was the small scsi hard disk.
Thankfully, this is the only really old computer I have now but I like to keep the old cases and assembly a kind of frankenstein-pc with them.
Exactly. My grandmother has an old XP machine, it’s perfectly good for what she needs (web, email), so she certainly doesn’t need a new one.
And significantly, I wouldn’t want to upgrade her, given how many years it took me to get her happy using XP – she’s not an expert user, and even Windows 7 would be too different for her, never mind the UI disaster that’s Windows 8…
Zorin OS Ultimate cost about $ 25.00 with physical media included and the option of mimicking Windows XP (and windows 7, Vista, Ubuntu Unity, Mac OS X or GNOME 2).
When it is only e-mail and surfing, this could be an option to get a cost-effective and supported OS without a big culture shock…
No, I’m not a Zorin employee, nor a Zorin user. I just think keeping ones family on unsupported and known to be vulnerable software is a terrible idea.
Exactly the same case here, took me a lot of effort and patience having my mother comfortable with Windows XP, she is happy with it and for her needs, it is more than enough.
How is running XP any different to running any OS that is no longer supported? So PalmOS, BeOS, Classic MacOS (or any version of OS X prior to 10.6) – these too have the same issue.
This should be big news for China, which has an estimated 77% of the world’s IE6 users!
http://www.techinasia.com/windows-xp-now-dead-but-200-million-machi…
“a staggering 22 percent of the world’s web browsing is made up of mainland China rocking IE6”
I have no idea why so many still use IE6, other than that I hear some online banking sites in China still require it.
Same reason why the company I work for still has production servers running perl 5.06. It costs money to either rewrite or test old web apps/scripts on the latest and greatest.
For better or worse, some companies choose not to spend that money. At least we recently went from IE6 to IE8, so we’re making progress
They are illegal copies and don’t get updates.
I’m pretty sure I can download newer versions of IE without having a legal copy of Windows. In fact, I probably don’t even need IE or Windows at all to be able to download a newer version than IE6…
I don’t think anyone who is reading a site called “OSNews” is still on XP. Hence, I don’t think this (otherwise useful) advice will actually reach the ears of any XP users (at least not directly).
Early Windows XP cracks “required” Windows Update to be disabled (because of WGA). So, those people are probably running cracked versions of XP with Update disabled, and don’t know enough about computers to care about installing another browser.
In fact, they may not even know what Windows Update is, if they bought a computer with cracked XP preinstalled (happens if you buy from shady computer shops assembling PCs on site) or if they had some friend install cracked XP for them, and Windows Update was disabled for them by someone else.
Then there are people with slow connections who disabled Windows Update because it was annoying them, and also don’t care about installing another browser.
IE6 needs to be blacklisted by websites, plain and simple, while directing users to more modern browsers.
My now-ancient netbook came with XP and still has XP installed. 99.9% of the time, however, it runs Fedora or Ubuntu. Of the 0.1% of the time I need to run XP, if I need to use a browser, it’s Firefox.
It’s been so long since I… um… “experimented with an unauthorized copy of XP for purely academic purposes” (phew, I think got away with that).. that I had forgotten about early pirate copies not being able to update.
Edit:
And they can’t just “update” to a free OS like Linux unless they want to cut themselves off from the rest of society.
Because *everyone* in China is on QQ (IM) and QQ is just an incredible pain in the arse to try and get running on anything (anything desktop) but Windows. I know, I’ve tried.
(And yes, I know about the handrolled debs kicking around for Ubuntu. I even tried the GenyMotion emulator + apk for QQ for Android.)
Edited 2014-05-02 10:49 UTC
Even in that case, I would lock XP up in a virtual machine to run QQ and do the rest of my computing on Linux. (Then again, I am of the firm belief that any version of Windows should be locked up in a VM and only used when absolutely necessary.)
I’m still using XP, since it’s working fine for me and I don’t see the point in shelling out money for a newer version, especially since I use a Linux machine for browsing.
Maybe I’m the odd one out here, but I see Windows as nothing more than a boring tool to enable me to run certain applications. It’s other OSes that interest me, and therefore I’m not bothered paying money for what in my usage case is little more than eye candy. In a similar way to how I haven’t updated from Office 2003 and Photoshop CS3 – they both do everything I want so why pay money for no benefits?
Of course others will see benefits or have an interest in such software and so will want to update to be able to use these shiny new features, and more power to them. I just don’t see it.
Me too. I still have a partition with Windows XP with Windows embedded build tools to support small shops I work with. Never ever had any viruses or even spyware on this machine. The main problems with XP, besides its security architecture being broke by design, is that almost all people run with administrator privilege because lots of software just could not work on regular accounts. This and the fact that Internet Explorer was so interweave with system files that a compromise on it could rapidly be escalated to affect the whole system.
The advices I give to people that want to stay on XP, and most of them are old guys and old ladies is:
– run on regular accounts;
– do not use Internet Explorer to anything but trusted services that can not run on anything else;
– on FIrefox or Chrome, install ad and script blocks;
– put a good anti-virus on your machine with integrated anti-spyware, fishing detection and network monitoring;
– have a second static anti-malware scanner and use it from time to time;
– have backups because all computers “die”, the old ones usually first, just like us.
I still use two XP machines from time to time. One in my garage and the other in my cousins shop. They run older CNC routers/laser cutters. They work exceptionally well for that purpose. I suppose we could use flash drives to move stuff onto the machines, but having them on the internal network makes life easier. And yes, we could find some open source workflow that is as good or, more likely, nearly as good; but why break something that works.
In general I agree with you that people should “move on,” especially when it is just a $350 for a new laptop. However, some XP machines are working quite well as intended and would be very difficult to upgrade. Personally, I hope to get another 10-15 years before I have to retire that setup.
I concur with you.
The moms and pops shops and hands-on weekend mechanical thinkerers will likely keep using their Windows XP systems until they break. Then, they may upgrade if the apps they know so well are compatible with whatever system is available at that time, or fix the old dinosaur(s) by using replacement parts obtained through auction sites if equivalent apps cannot be found.
Not every one enjoy planned obsolescence.
It is entirely normal to ask people to maintain their car, get it serviced regularly, and fix things that break. Same for homes, kitchens, bathrooms, bikes, the garden, anything. All of this costs money, and this is normal.
It baffles me that some people expect computers to not require any maintenance or fixing. Part of that maintenance is upgrading to modern, secure software. And yes, like maintaining a house or a car, that costs money.
Deal with it.
Unless you’re running a free OS, but you know that. And of course, for some people Windows is the only option, even if it means shelling out cash for new hardware to get the new software.
For another perspective, I still run XP on an old gaming rig. It stays off the network unless I need to do updates, which is moot at this point (the current topic notwithstanding). I balance the need to run XP for classic game compatibility with the desire for a secure system, and I find that balance in keeping it offline unless absolutely necessary.
I generally agree with the rest of your comment, but for this one part, I feel obliged trot out this old warhorse:
Upgrading to a free OS won’t cost you money…if your time is worth nothing.
And when you maintain your car, you get a car that keeps working exactly as it did before, the same way it’s worked for decades.
Upgrade your OS, and everything about how you use your computer changes. Fine for computer experts like us, who understand the underlying concepts and can adapt easily – but not so much for my 90-year-old grandmother, whom after ten years or so, has just about grasped the basics.
So, you would rather have your grandmother run insecure, unsafe, unmaintained software, than take a few hours to teach her the things that changed?
Wow.
Blimey, no need to make it so personal. He’s not a bad person for not upgrading his granny’s computer against her wishes, ill-informed though they may be.
There is such a thing as temperance and nuance when discussing these topics.
It would take *years* to teach the differences between Windows XP and Windows 8. Upgrading from ’98 to XP was bad enough when her first computer eventually gave up the ghost, and that’s a very small UI difference. It was a significant effort getting her comfortable with the move from IE6 to 7, because tabbed browsing just introduced something new to confuse her.
Remember, we’re talking about normal people here – not techies who can adapt easily because they understand how things work. Many people don’t like change, they can’t cope with change. No question XP is buggy and insecure, but it’s a hell of a job getting people to change when they don’t understand the reasons why change is forced upon them…
People who are comfortable using computers so often fail to understand how difficult they can be for others.
I’ve spent the last year teaching someone the basics of using their computer; things like going online and checking their email, or importing images from their camera. Trying to teach more complicated tasks, like basic image editing/resizing, was a futile effort that confused them so much they nearly stopped using it at all.
After a few months they were confident enough to use the computer on their own, but they still ring me up every week or so because they’ve forgotten what to do, or done the wrong thing and become confused by an unexpected window/menu. In fact, I’m visiting this Saturday to find out why importing images from her camera has supposedly stopped working…
The idea that adapting to small differences is a non-issue just isn’t true of someone like that.
That was the problem with the IE6 to IE7 transition – tabbed browsing opened up a whole new set of different ways for things to go wrong, when they accidentally open a new tab and can’t work out where the page went…
I see no problem with this setup. On a LAN with no world facing machines, there is little that could go wrong.
Back in 2003, you bought a $100K electron microscope with an internal computer running Windows XP. In 2013, your warranty ended, and besides, the currently installed software won’t work in Windows 7. The microscope has to be networked so that you can print and email digital photos of what you view in the microscope. The manufacturer was bought by an overseas company, and they no longer provide support for that particular model (because it wasn’t a new product line when you bought it, and it was discontinued in 2009). The latest models run Windows 7, but that works only for the newest microscopes and doesn’t work for the model you currently own.
You have two options to upgrade your OS. One is to pay the vendor a $130K NRE to port the old software to Windows 7. The other is to pay $130K for a whole new microscope.
What do you do?
Your point is well made either way, but I would like to know if this is a real story. If it isn’t, I’m sure tehre are unfortunately many real stories just like this.
If you are sure there are many stories like this, why do you doubt the authenticity?
Maybe you bought a $100K oscilloscope back in 2008 with Windows XP. Now you need to pay $30K to have it upgraded to Windows 7 to keep having it connected to your corporate network, be able to print and share scope shots and control it remotely.
The real issue is not replacing your ageing PC with a new one. The real issue is how to uphold security of the Internet of Things where software is not easily upgradable. Just imagine how many devices, routers, mobile phones, media boxes, toasters etc. which are still affected by the Heartbleed bug!
Edited 2014-05-01 19:04 UTC
There are countless cases of this in industry, especially in scientific industries like pharmaceutical and medical. I work in medical devices, and some of the equipment I have to maintain still runs DOS. There’s no possible way to move on from that because they either have custom, built-in PCs with dual 386 CPUs (I’m not joking), or need some sort of custom ISA card to run their hardware, or simply use software that directly accesses the hardware, effectively ruling out any OS with an NT kernel.
Pharmaceutical equipment, by the nature of the tightly regulated world it lives in, has a very long development cycle, sometimes over 20 years. You just have to accept that and keep a stock of things like DOS 6.22 and Windows 3.1 install disks lying around, along with old hard drives and spare instruments, because sometimes there is no other way. Some of our newest instruments still on sale use XP embedded, and probably will do for years to come.
Connect it to a Windows 7 computer, and only that computer, through a network, and mount a shared drive from the Windows 7 computer on the Windows XP computer where the images will be saved. Then email the images using the Windows 7 computer.
Or just use a flash drive to transfer the images to a computer that’s connected to the Internet.
…unless you’re not actually looking for solutions but are just looking to “make a point”.
Other solution: Invest a few 100$ to put you XP stuff behind a firewall.
Like all the bank automates (money dispensers?): They all use XP, but the bank IT folks don’t care: These machines run in a protected environment behind a firewall with (hopefully) the latest OS and bug fixes.
Before give any answer, for dont repeat again past mistakes like “dont read the fucking license and dont care about in wich device we invest the money”
Did you took in consideration that hose 130k $ will work only until year 2020?
..and the wheel will move again in that time
The thing you do is realize that you made a mistake and ensure it doesn’t happen again.
Buying expensive mission critical equipment without ensuring its maintainability over the desired usage time frame is short sighted at best, bordering on irresponsible.
Whether that is a contractual obligation of the vendor or access to technical documentation and source code (not necessarily OpenSource, lots of proprietary code has ensured availability through software escrow or similar).
It might be cheaper to buy new equipment or run it on a separated and secure network or just risk loss of confidental data, but they are not the only options
You’re assuming the buyer has a choice. I don’t know much about the market for electron microscopes, but I’ve acted for the buyer in transactions where there’s a relatively small number of manufacturers of a type of equipment, all of whom contract on a similar set of terms. You either accept those terms, or make do without the equipment.
This is what I’m trying to say. Some equipment in these fields takes something like 5 or 10 years to develop, and is supported for a further 20 years, so all you can do is go with the newest OS available at the time of release and hope for the best. That’s why, up until 2 years ago, I was still receiving software updates on 720k floppy disk for an instrument built around a 486 and QNX. At the time it was cutting edge, but when it takes that long to develop an instrument, you can’t just knock out a new design 3 years later with a new OS. It takes at least 10 years to get your development money back, and as a result there’s a 20-year gap between generations, and there’s nothing the customer can do about that.
Edit: I guess it seems easier when “mission critical” means an off-the-shelf PC that can be replaced in a matter of hours if problems arise which is the case in some industries, but it’s simply not possible with big, expensive, long-lifecycle instruments like my examples or the example of the electron microscope.
Edited 2014-05-04 00:12 UTC
Thom, not everyone wants to pay for upgrade of hardware/software if there is almost no reason for it.
Edited 2014-05-01 18:43 UTC
If you’re on XP still you must only web browse and email and such. Get a tablet then and don’t worry about the dinosaur PC/XP
Rather a strange thing to say. It’s hard to think of anything much that can’t be done with a computer running Windows XP.
Some charities I’m involved with are still using XP for all their computers. It’s on their servers, used for creating their advertisements, running their bespoke databases, etc. There’s a lot of worry about the expense of upgrading, and the problems that could arise with software/hardware compatibility issues.
One charity have basically decided that they’re going to keep on running XP for at least another couple of years, and trust to luck when it comes to security. The estimate for upgrading/replacing all their computers was around $150,000. Not a lot for most companies, but for them, with recent cuts to their grant funding, they simply can’t afford it.
I ran XP on a Netbook only yesterday to view some source code in Visual Studio on site.. The Windows 7 laptop we’d bought along hadn’t been tested and refused to allow my college to log on (his oversight, sigh), so the Netbook I had in my bag was used.
If my Netbook still runs Visual Studio 2010, it’s still useful to me. Anything Thom believes is true, is purely his own hang-ups.
I am actually on Windows 8.1, but only because I get free MSDN keys otherwise I would still be using XP.
Many people I know are developing programs on their XP machines. If it works for them then why waste money on upgrade?
Who in their right mind would want to completely switch from pc to tablet? Also, the cycle of absolution is a lot shorter for tablets than for pcs.
arguments blaming the victim are easy, actual journalism is hard. The imperative to minimize effort trumps the alternative, once again…
There is a reason. It’s insecure.
If your brakes are insecure on your care, you want them replaced, right? What if you get hit by a car whose owner didn’t service their brakes properly? You’d be angry at him for not taking proper care of his vehicle, right?
Computers are no different.
sure, but the problem is that the manufacturer of the brakes (in this case microsoft), even after hundrets of attempts to repair them, still couldn’t make them secure
the product they sold you is broken to a level that after more than 10 years of constant repairs the manufacturer itselfe has given up on it
if you would apply the same rules to software as you do to any other product you would be entitled to a complete refund
But software is nothing like e.g. the brakes mentioned before. First of all, it would be like trying to use the same brakes in all vehicles, ranging from 3-wheeled, 10hp toys to 10 ton trucks — physical stuff just doesn’t work like that while software can.
Secondly, how many things do you know brakes doing? Sure, they are depressed against the wheels and therefore reduce speeds due to friction, but do they do anything else? An Internet – browser does a whole metric fuckton of things and there are millions of places where something could go wrong.
Thirdly, how many objects actually affect the brakes? Have you ever had e.g. malfunctioning headlights stop your brakes from working? No? Well, in software there are, again, millions of ways applications can interact and an app that isn’t meant to interact with something may well end up still doing it, causing a mess. Again, it’s nothing like actual physical objects.
People very often go and try to compare software to physical stuff as an excuse to bitch or whine about things, but the reality is that they are not alike in any way or form.
ironically, that sounds like an excuse to miss the forest from the trees.
Excuse-ception…
http://en.wikipedia.org/wiki/Electronic_brakeforce_distribution
http://en.wikipedia.org/wiki/Anti-lock_braking_system
no, and thats the point.
even if your headlights bring down every electric/electronic system in your car, the brakes will still work
The problem with analogies between software and physical goodies is that you are supposed to replace the latter after some intensive use/cycles. That does not apply the same way to software as you can change the hardware it runs on and keep things going because the wear off happens on the physical parts.
Anyway, XP security model is broken by design, no question about that.
Not being hacked seems like a rather good reason to me.
Of course if that is not a good enough reason, don’t complain when your old unmaintained software lets hackers do whatever they want with your computer.
I appears to me that most vulnerabilities are in the stuff that runs on XP–most often Internet Explorer and Office. This particular problem was with IE for example.
Instead of taking the extreme step of switching operating systems, perhaps consider just using a modern browser and client software. Chrome or Firefox and LibreOffice would be good choices.
I would expect a site with a name like OS News to at least properly differentiate between an operating system and a web browser. Perhaps that is too much to ask. And this is not a security site I suppose. So, nuanced security advice might also be too much to expect.
I mostly run Linux myself (although I am on a Mac at the moment). Ironically, the biggest real security problem of late (Heartbleed in OpenSSL) impacted me and my Linux systems but Windows XP users continued without a care in the world. Ironically, Apple moved off OpenSSL in 2011 but Apple users had to deal with another SSL issue (GoToFail) just a few weeks ago. Again, Windows XP users remained unscathed.
If Windows XP users “deserve” security problems, what have us Linux and Mac folks done to deserve so much worse and what “modern” software should we be using instead?
Our company still has Windows 98 in production use and it will likely not be updated anytime soon. It runs a couple of old Summa vinyl cutters which don’t have software support for anything more recent than Win98. They also have a parallel port dongle and connect to serial ports which aren’t easy to find in today’s computers. The system is even on the internal network. Not public internet though. I once spend half a day trying to update the system to XP and gave up. It might be possible to run it with some virtualization and emulating the dongle but as long as the rig works why spend days trying to fix it. So until we invest in new hardware we are stuck with Win98 and also XP on other machines. And this probably is the case with a lot of other companies too. The manufacturers are lazy to support old hardware and port their drivers/software to new operating systems. They are more willing to just sell you a new machine altogether.
To say XP is ‘crap’ is an uninformed and frankly stupid comment. It makes me doubt your ability to write intelligent articles. XP is an o/s and it does the o/s tasks perfectly well. It does them as well as when it was first designed. If I want a file then the o/s gives it to me. If I want memory then XP supplies it and handles other processes demands. What is it doing now that makes it ‘crap’?. A New GUI on metro?
If security is the issue then take steps to secure the system. They are straight forward and relatively easy to achieve. If XP is ‘crap’, then VMS and other older o/s are ‘crap’ but they still run half the vital infrastructure of the whole world.
Please don’t make daft comments as it demeans you and brings the veracity of your future comments into doubt.
<“If you’re still on Windows XP, you deserve to be insecure (…) time to move on.”>
If you’re still reading OSNews, you deserve to read that kind of crap. Time to move on.
Ha! agreed…
It’s the truth. Can’t handle it eh?
Edited 2014-05-05 11:18 UTC
All an o/s has to do is perform file, process and memory operations. XP does it well. The GUI and the look and feel is an irrelevance to many who need stability for whatever reason. Vista, 7 and 8 are NT6 and based largely on NT5. They are all very much a muchness. No new o/s here just versions of the same code base with a new GUI to fool the twits and to make more money. XP if treated like an o/s is stable and secure. Just handle it in a grown up fashion and it will stay like that – ignore the fan boys and those who cannot understand. IF you can’t understand why anyone would stay on XP that’s your own ignorance, there are hundreds of reasons why and they are all there for you to explore if you can be bothered.