Windows 7 is one of the best things Microsoft ever released. The much-adored operating system wooed back users who reviled the disappointing Windows Vista, and it remained a comfortable refuge during the even bleaker Windows 8 era.
Even today, with Windows 10 fixing Windows 8’s worst mistakes and standing as a superb desktop operating system of its own, a legion of vocal PC enthusiasts swears by Windows 7. Why? Because it stays out of your way, and it just works.
Until today. On January 14, 2020, Microsoft ends Windows 7’s extended support. Windows 7 is dead.
Your PC will keep operating, of course. Microsoft isn’t literally pulling the plug on your devices. But Windows 7 won’t receive any more updates or security patches, meaning your PC will also be very vulnerable to all those nasty malware programs garnering headlines seemingly every day. If you keep using Windows 7—and over a quarter of all computers run it, per NetMarketShare—you’re on your own, and the Internet can get nasty.
We can help you stay as safe as possible, though.
Sticking with Windows 7 is not an option
Seriously: Switch away from Windows 7 by whatever means necessary. That’s our underlying recommendation. Sticking with Windows 7 was understandable before; now it’s a liability. With no security updates and a still-vast market share, Microsoft’s operating system will be a big, juicy target for hackers.
We recommend migrating to Windows 10 if you’re able to, and have a guide explaining your Windows 10 upgrade options. If you perform only basic tasks on your PC—email, web surfing, and documents—then Linux is a viable, user-friendly option these days. We’ve got a Linux beginner’s guide, too, and better yet you can try it for free with no risk to your main Windows 7 installation. You can probably still upgrade to Windows 10 for free, too.
But if you need to bide some time before making a switch, here’s how to keep Windows 7 as safe as possible.
Don’t use Internet Explorer
A lot of malware gets delivered via browser vulnerabilities, and a lot of those will be aimed at Windows 7 now that it’s wide open to attack. Microsoft’s ending support for Internet Explorer too, and you definitely don’t want to run an unsecured browser on an unsecured operating system.
The other top browser vendors will continue to support Windows 7, however. Google’s Chrome is popular, but Opera beat it out in our best web browser comparison, and Firefox is great, too (remember to update Firefox to avoid a recently revealed vulnerability). Switch to one of those—any will do, honestly—and make sure to enable automatic updates to keep those hatches battened down. This should be a top priority.
Choose your software wisely
That segues to a key point: Make sure the software you’re using still supports Windows 7, so that any potential security holes still get patched.
After browser vulnerabilities, poisoned Office documents are another frequent attack vector. If you’re still using Office 2007, stop—its support ended years ago. Office 2010 will continue to receive security updates through October 13, so you have a little time there. Microsoft will actually continue to support Office 2010 for the next three years (until January, 2023) if you subscribe to Office 365. If that’s not in your budget, check out our list of the best free Microsoft Office alternatives for other no-cost options, such as LibreOffice and Google Docs.
Java, Flash, and Adobe Reader are commonly targeted as well, so make sure they’re up to date if you need them. You might not, though. I was able to live my online life surprisingly well without them seven long years ago, and it’s even easier today, though it’s hard to replace some of the meatier features in Reader. Kick Flash and Java to the curb and only install them if needed. They’re in their twilight years.
Audit all your installed software, including browser plug-ins. If you don’t use it, ditch it. Many standalone programs offer an option to update automatically to newer versions as they’re pushed out. Activate it.
Install antivirus software
The free antivirus that Microsoft offers for Windows users works great for most users, but it won’t receive updates now that Windows 7 is end-of-life. Yes, Windows Security Essentials is dead too. Now that your operating system won’t receive security patches it’s even more crucial to run protection on your PC. That expired version of McAfee that came with your computer isn’t going to cut it.
An activated version might, though there are better options. Most security suites will continue to support Windows 7 for a while, and our guide to the best antivirus suites for Windows can help you find your best option. While you can cobble together an arsenal of free security tools, we recommend buying a premium version if you’re still running Windows 7. Modern security suites do much more than antivirus alone, protecting you against phishing, malicious ads, browser and email attacks, and more. If you’re running an unsupported operating system, investing in a rounded-out security suite is money well spent.
Norton Security Premium is the best pick for most people right now, but you have options. Again, check out our guide to the best antivirus to see all the security product’s we’ve tested. Be sure to check your chosen program’s Windows 7 support cycle before you buy, though. (Norton still works with Windows XP, even!)
Batten down the hatches
Hackers can’t hack what they can’t touch. Follow this pro tip from our old Windows XP safety primer:
“Barring being purely disconnected, if there’s a single tip that could make any Windows PC more secure, it’s this: Stay away from administrator accounts. If you’re blasted by malware, it can only do as much damage as the account it infects. Admin accounts give baddies the keys to your computing kingdom.
Once [Windows 7] stops being patched, stick to using a Standard account for your day-to-day activities if at all possible. Use an admin account to create the locked-down login and stock it with the software you need—keeping our previous program advice in mind—and then don’t stray from Limited land unless you need to install or update software. (And even then, only stick in the admin account for as long as is absolutely necessary to get the installation done.)”
You can go even further though. If your Windows 7 computer doesn’t need to connect to the Internet, physically disconnect it from the Internet. Pull the ethernet plug right out, or disable Wi-Fi.
Alternatively, if you only need legacy Windows 7 support for a program or two, you can run Windows 7 in a virtual machine on a modern, supported operating system, be it Windows 10 or some flavor of Linux. (Again, moving off of Windows 7 as much as possible should be the goal.) If the virtual machine gets compromised, you can just wipe it and start over, with no harm to your main installation. Just make sure you’re backing up the Windows 7 data so you can replace whatever’s lost.
Even with all these precautions in place, your PC can get pwned if you tell malware to come in. Use safe browsing practices to avoid being fooled into downloading malware by phishing attempts, malicious emails, fake updates and error warnings, drive-by downloads or other tomfoolery.
It’s not specific to Windows 7 security, but make sure you’re backing up your data and using a password manager, too.
Make plans to move on
Windows 7 was great while it lasted, but now it’s gone. While these tips will help you keep using the operating system for longer, running an unsecured OS in today’s hyper-connected world is inviting trouble. Start thinking about your future options, whether it’s snagging a free Linux distro, trying for a free Windows 10 upgrade, or straight-up buying a new Chromebook or Windows laptop. When the next catastrophic bug rears its head, you don’t want to be left in the lurch.
Be careful out there.