I still use Windows 7 on a regular basis and do not consider it to be a risk. If you know where to look, you can find unofficial updates as late as October 2024 for 32-bit. There's also the same kind of updates for 64-bit, but I wouldn't recommend any later than July 2024.

Chrome and Edge are way out of date, but only because of the corporate decisions of those companies. Firefox is much newer, so I guess you can go with that. There's also R3dfox and some other derivatives of the others that are more up to date.

There's still daily updates to the Defender signatures, and monthly updates of the Malware Software Tool.

Rather annoyingly, if you visit Google on other browsers, they harass you to install Chrome, saying it gets regular updates, which is a blatant lie, for which they should be prosecuted.

As for 2FA, the only place I have that is on Github, and there's tools available which work on Windows 7, so no need to worry about that.

All that having been said, you can upgrade if you want, but know that Windows 10 falls out of support some time next year, which leaves the unpalatable decision of buying a new computer so you can run Windows 11 on it, or getting some other non-windows OS.

Im still using XP...

about browsers you have thorium legacy or r3dfox for example among many options

I always presumed those risks being more theoretical than practical. Do you visit strange web sites all the time?

Hi there. Not sure if it is helpful but that's what I learned from Vogons.:
A few years ago, I've had mentioned concerns about leaving Windows 98 (and XP) unattended connected to the Internet.
Then quite a few friendly souls explained to me that malware doesn't run on outdated OSes and that drive-by-infections are nolonger a threat.
Ergo, malware merely affects current OSes that are up-to-date.

You can never tell for sure, even with a fully patched copy of Windows 11.

However, when something happens with an online transaction / you get phished / "hacked" and your bank or the store in question notices you run an OS that no longer is supported they might have the right to deny paying you any damages (even when your outdated OS isn't to blame). With the thriving second-hand market scoring a simple W11 compatible machine should not break the bank and could save you a lot of trouble. A cute little Prodesk 400 Mini G5 or something could do the trick.

Fr0ns, that's a good point.

Robbbert wrote on 2024-12-27, 02:11:

All that having been said, you can upgrade if you want, but know that Windows 10 falls out of support some time next year, which leaves the unpalatable decision of buying a new computer so you can run Windows 11 on it, or getting some other non-windows OS.

14 October 2025, although some versions of windows 10 are already out of support:

https://learn.microsoft.com/en-us/lifecycle/p … 10-home-and-pro

If you’ve got access to the LTSC editions then you can get another 2 to 4 years depending on which version (ironically the older 2019 LTSC has the longer support window)

Another alternative is to just not have the machine connected to the internet and use another machine running an up to date OS for your internet activity…

Jo22 wrote on 2024-12-27, 13:56:

Hi there. Not sure if it is helpful but that's what I learned from Vogons.: A few years ago, I've had mentioned concerns about l […]
Show full quote

Hi there. Not sure if it is helpful but that's what I learned from Vogons.:
A few years ago, I've had mentioned concerns about leaving Windows 98 (and XP) unattended connected to the Internet.
Then quite a few friendly souls explained to me that malware doesn't run on outdated OSes and that drive-by-infections are nolonger a threat.
Ergo, malware merely affects current OSes that are up-to-date.

I think that's a dangerous assumption here. The operating systems I will generally call 'NT 6.x' (i.e. Vista/7/8/8.1/10/11) share a lot of code, so I would think there's a reasonable likelihood that a bug patched today in Windows 10 22H2 might also be in 7 or 8, and therefore all unpatched versions are equally vulnerable to an exploit based on that bug.

I would agree, though, that I doubt any malware developers are targetting pre-NT 5 versions of Windows these days. Even XP, probably not so much. But there's still a decent amount of Windows 7 in the field...

I would say the most vulnerable OS is the version prior to the version that is currently being kept up-to-date. Same thing with software (e.g. Acrobat or MS Office) instead of OSes. The version prior to the one currently being up to date probably has most of the same security bugs but i) not only are they not being fixed, but ii) the fix in the current version is pointing the bad guys to the existence of the vulnerability.

Robbbert wrote on 2024-12-27, 02:11:

All that having been said, you can upgrade if you want, but know that Windows 10 falls out of support some time next year, which leaves the unpalatable decision of buying a new computer so you can run Windows 11 on it, or getting some other non-windows OS.

Or, if it's for home use (I would never ever do this for a business), just run Windows 11 unsupportedly. I've had 23H2 running on a 45nm C2Q just fine. 24H2 is... more stringent... in its true processor requirements so I think Core 2 is out. And it takes a bit more work to get it happy on a BIOS/MBR system (which is the easiest way to dual boot with XP).

Ironically, the only problem I've had with unsupported Windows 11 was 24H2 on a Haswell Dell OptiPlex with UEFI, secure boot, TPM... I forget if it was 1.2 or 2.0, etc. Started eating the Windows installs in a way that I had not seen in probably close to two decades. Second-newest unsupported system I've tried 11 on...

There's a cumulative update pack, currently dated December 12, which can be downloaded from MajorGeeks: https://www.majorgeeks.com/files/details/simp … updatepack.html

Windows 7 will receive security updates unofficially from the server branch for a few more years. And some anti-virus software suits also support it, like Kaspersky and Avast. But keep in mind that realistically only Firefox is usable now for safe browsing. And Steam may not be able to login next year. You have somewhere until the end of next year before Steam and Firefox completely drop the support. I doubt that VxKex fork will be able to keep up.

Also 32-bit version of Windows 7 is very much dead for a while.

The Serpent Rider wrote on 2024-12-27, 22:26:

Also 32-bit version of Windows 7 is very much dead for a while.

How so? Most of the programs I use still support it.

GemCookie wrote on 2024-12-28, 09:10:

The Serpent Rider wrote on 2024-12-27, 22:26:

Also 32-bit version of Windows 7 is very much dead for a while.

How so? Most of the programs I use still support it.

32-Bit is dead

The thread was locked, though. So I assume it's a rather controversal matter.

Anyway, 32-Bit Windows is nolonger being supported since Windows 11. And that's good, I think.

I'm not saying that 32-Bit applications are dead, though.
They can make use of nearly all features of a 64-Bit system (larger HDDs, hardware with 64-Bit drivers).

I mean, even back in the 80s people ran 8-Bit CP/M programs on 16-Bit computers through CP/M-80 emulators.
They could store files on large diskettes or HDDs, access serial ports and so on.

Fr0ns wrote on 2024-12-27, 15:15:

However, when something happens with an online transaction / you get phished / "hacked" and your bank or the store in question notices you run an OS that no longer is supported they might have the right to deny paying you any damages (even when your outdated OS isn't to blame).

No, they don't. Quit making stuff up.

dr_st wrote on 2024-12-28, 09:48:

Fr0ns wrote on 2024-12-27, 15:15:

However, when something happens with an online transaction / you get phished / "hacked" and your bank or the store in question notices you run an OS that no longer is supported they might have the right to deny paying you any damages (even when your outdated OS isn't to blame).

No, they don't. Quit making stuff up.

Since you're so sure that this isn't the case, do you have some sources to verify? I'm actually interested in the legal aspect of this. I can also imagine that this could differ greatly from country to country.

ncmark wrote on 2024-12-27, 00:59:

Just a general question - how much of a risk is it to continue to use Windows 7?
MOSTLY I just use it for browsing. Since they started two-factor authentication at work I quit using it check email from home (their loss)

Short answer: Yes, it is a risk. Don't do that, especially not for browsing the internet.

Longer:

Rule of thumb: Install _all_ security patches _immediately_ and only use currently supported operating systems (OS)[for microsoft windows that is 11 or 10 as of now].
(There are enough other messups like Crowdstrike thus that approach might render your computer super secure by making it unusable for *anyone* 😀

Any bug/glitch/security messup found in current OS versions is likely to exist in previous OS versions too and when a patch is released one can infer the original flaw.
This knowledge can then be used to attack unpatched OS previous versions like Windows 7.
Resulting malware can be delivered without you ever noticing it, i.e. by an image that is crafted to exploit a glitch in your browsers image processing which may lead to a complete takeover of your computer.
And guess what: email programs also process images 😉

The mentioned "unofficial" updates will only lead to a false sense of security.
They might be available later than the "official" updates (prolonged period of being vulnerable), they might address only some of the issues and they will most probably not be tested with older OS versions.

Cheers,
Flo

I have a compromise: Use Windows 7 as host OS and surf the web with a VM (Windows 10/11, Linux etc).
Most VM software allows to pass-through Ethernet traffic (exclusive/bridged, NAT etc) and USB devices.
So you could mount an USB Ethernet dongle inside the VM that only the VM can see (it's unmounted from host OS).

That being said, please make sure your host PC has an SSE 4.2 capable CPU, so it's sufficiently advanced.
It's not a strict requirement, but OSes like Windows 8.1/10/11 won't run on ancient PCs anymore.
Not in x64 editions, at least, I think.

PS: Using a dedicated VM for surfing has some advantages, too.
It's isolated, it can be "frozen" anytime and it is portable (except for Windows activation annoyance).
So you can have hundreds of tabs open while surfing and high memory usage,
but when you close the VM it's all written to disk and the RAM is free again.

About security, was funny to me have a good surprise last year. I get a call from a small company i worked 10 years ago, back on time i set up a NT4 server for controlling and doing software updates to some old robots they still have working in factory, like Italtech Alfa robots that still use floppy disk

Anyways, back on time, i write a script that every sunday the NT4 server will do a full backup on a external HDD raid 1 and in a tape drive

Well, they callme totally desperate, because they have a virus that encript everything, and only leave a txt with a instructions to send money to russian thieves. They ask for a insane amount of money nobody can pay, and finally they remember i was working there, and just callme to know if i can do something

I went there just to discover, every desktop computer that was running windows 10 was affected, two win11 laptop, and even a windows 8.1 tablet. freebsd server was not affected, but sadly all data that was shared on samba drive was encripted

The only windows machine was not affected... the old NT4 server, and because they call me the same week before sunday, almost if not all data can be recovered from HDD and Tapes. I was totally surprised my old backup script was still working... and running...

Fr0ns wrote on 2024-12-27, 15:15:

You can never tell for sure, even with a fully patched copy of Windows 11.

However, when something happens with an online transaction / you get phished / "hacked" and your bank or the store in question notices you run an OS that no longer is supported they might have the right to deny paying you any damages (even when your outdated OS isn't to blame). With the thriving second-hand market scoring a simple W11 compatible machine should not break the bank and could save you a lot of trouble. A cute little Prodesk 400 Mini G5 or something could do the trick.

Dont know your country, here in spain this not happen, not banks or government check any of this in case of claims

Jo22 wrote on 2024-12-28, 11:28:

That being said, please make sure your host PC has an SSE 4.2 capable CPU, so it's sufficiently advanced.
It's not a strict requirement, but OSes like Windows 8.1/10/11 won't run on ancient PCs anymore.
Not in x64 editions, at least, I think.

The 64-bit versions of Windows 8.1, 10, and 11 up to 23H2 only require the cmpxchg16b instruction. Most CPUs from 2006 onwards should suffice.

GemCookie wrote on 2024-12-28, 11:35:

Jo22 wrote on 2024-12-28, 11:28:

That being said, please make sure your host PC has an SSE 4.2 capable CPU, so it's sufficiently advanced.
It's not a strict requirement, but OSes like Windows 8.1/10/11 won't run on ancient PCs anymore.
Not in x64 editions, at least, I think.

The 64-bit versions of Windows 8.1, 10, and 11 up to 23H2 only require the cmpxchg16b instruction. Most CPUs from 2006 onwards should suffice.

Yes, I believe you. It was just meant as an indication.
Also, Windows uses all the instructions, it's just that they have workarounds ("emulation") built-in for obsolete CPUs.
The mpxchg16b instruction was used in Windows 7 already, but there was self-patching in Windows that made it run on old CPUs.
In Windows 8.1, the emulation code had been removed for performance/safety reasons.
Mac OS X has used similar technology, I think. Some older Hackintosh distros shipped with SSE emulators to support old PCs.

My Mac Pro 2006 (firmware 2,1) has Xeon 5150 CPUs not capable of SSE 4 and it shows.
The Mac Pro 3.1 from a bit later has SSE 4, by contrast and is much more suited for VMs in general.
That's why I consider swapping the internals (SSD, GPU, RAM) to a Mac Pro 3,1 in near future.

SSE 4.2 is also the CPU level that the x64 emulator in Windows 11 (ARM) provides.
It doesn't do AVX yet, but supports SSE 4.2; so x64 applications can safely use it.