The demonstration was just that; an extreme example to make the point that some vulnerabilities don't need the user to access a dodgy site or software. A fully patched OS is the last layer of security, and is necessary because the other protections don't have total coverage. I'd expect the same test done with a recent patched OS to show the OS not being compromised, or at worst a lot longer before the machine is compromised
Windows 10 users after 14 October 2025
- Thread starter Paul_Smith SRCC
- Start date
Page may contain affiliate links. Please see terms for details.
The demonstration was just that; an extreme example to make the point that some vulnerabilities don't need the user to access a dodgy site or software. A fully patched OS is the last layer of security, and is necessary because the other protections don't have total coverage. I'd expect the same test done with a recent patched OS to show the OS not being compromised, or at worst a lot longer before the machine is compromised
As a parallel test I recruited 5 people to carry out a simple test for vulnerabilities butt naked and using no danger detecting skills or self awareness. I asked them to walk in a straight line without stopping. Two got run over, one walked off a cliff, one ended up in a bramble bush and one walked straight into a fence.
After installing self awareness, active obstacle tracking, impact detection and clothing with basic body armour the same test prevented all injuries and fatalities. A fully patched human being is the last layer of security and is necessary because the protections mother nature gave don't have total coverage.
The point is that the demonstration was pointless as it wasn't representative of anything remotely realistic, and was therefore a bit pointless.
Realistically, Windows 10 is fine to use because it is still pretty secure. Yes, there may be some vulnerabilities that don't get patched, but what is the risk of that? Some annoying software? A ransomware attack is unlikely and you still have antivirus / windows defender. They can't access your banking or credit cards provided you are using 2FA which almost every one has to do. Both of the annoying viruses I had to deal with primarily hijacked the browser to make the end user use websites and search engines that would generate add revenue for the virus owner. Both of those viruses were self installed by someone who clearly didn't pay enough attention in her internet safety classes and got duped.
If you can get to 11 it's better, but it's not a dealbreaker to stay with 10. People used XP for years after support was ended.
wiggydiggy
Legendary Member
I see the problem with that first run, they were all facing in different directions when they started walking and 1 of them actually walked backwards. The first run of the test wasn't specific enough
🤦♂️The point of the demo, once again, is to show that some of the vulnerabilities that exist don't need user action. Some people seem to think if they don't go on dodgy site, and don't download software, they're safe regardless. That's not the case. It didn't have to be realistic to make that point. WannaCry ransomware, mentioned by Ming above, used one such vulnerability.
It is now, yes. On day 1 after end of support it will still be ok to use. However the risk increases the longer it's out of support.
As above it wouldn't have been too bad initially, but an increasingly ill-advised course of action the longer time went on.
markemark
Veteran
If I were a hacker targeting an OS next year I’d be going for w10 as it’s no longer being patched and there’s a large number of small and medium sized business still using it. W11 will be more secure and windows xp/7/8 etc will be barely used. After a couple of years I’d be switch focus to w11 as the number of w10 users diminishes.
Ming the Merciless
There is no mercy
- Location
- Inside my skull
The same guy
He ran Windows 7 for hours without an anti-virus or firewall on another VM and did not detect any viruses on the system.
Demonstrating that they do need the user to take action on more modern versions of Windows. Even if you turn off their firewalls and anti virus and bypass router security for laffs.
That's largely because they are. Windows Defender does a fairly good job and many people install their own antivirus software.
In a similar vein most people are safe from lightning bolts. However if you run in metal armour to the top of the highest hill and wave an iron sword around your safety threshold greatly reduces.
Earlier, you mentioned Wannacry. This can infect PCs either by the user running malware or via the EternalBlue vulnerability in the SMB protocol, so it can infect machines over the network without user intervention.
Here's the MS security bulletin for update 4013389 which patched the EternalBlue vulnerability, in the following OS major versions:
Windows 7, Vista, 8.1, 10
Windows Server 2008, 2012
(XP was not mentioned as already well out of support when the bulletin was released)
Later OS are less affected, but not unaffected. The whole point of my posts is as time goes on, more vulnerabilities are found and the OS version gets less secure. This will tail off as they get so old as to be not worth targeting any more. I doubt many folks are looking for holes in NT 4.0.
Neither of which help with there's a vulnerability like EternalBlue.
Better not to be out in the storm at all than running around the top of the hill in the rain wearing your finest rubber Windows Defender suit!
Ming the Merciless
There is no mercy
- Location
- Inside my skull
Well it does because you have not only your routers firewall but also the Windows Defender firewall. The incoming SMB traffic would not be allowed.
Seevio
Guru
- Location
- South Glos
I've had an old laptop set up with a fresh install of XP SP3 on my network for the last 24 or so hours. It has no admin or user passwords, the firewall is turned off and no AV is installed. It has had access to the internet the entire time.
As suspected, it remains free of any visible malware.
I then tried some browsing but IE8 was it's own very specific world of pain. It wouldn't even load the firefox download page. I eventually got a version of chrome to run but it wasn't happy with anything produced in the last decade.
I may try this again with an internet facing, completely unprotected win11 machine to see what happens.
As to the OP, win 10 will probably be ok, especially if you use a live disk of some sort for secure stuff. You should still get a new machine though. 4GB of RAM hasn't been enough for a long time.
As suspected, it remains free of any visible malware.
I then tried some browsing but IE8 was it's own very specific world of pain. It wouldn't even load the firefox download page. I eventually got a version of chrome to run but it wasn't happy with anything produced in the last decade.
I may try this again with an internet facing, completely unprotected win11 machine to see what happens.
As to the OP, win 10 will probably be ok, especially if you use a live disk of some sort for secure stuff. You should still get a new machine though. 4GB of RAM hasn't been enough for a long time.
HMS_Dave
Grand Old Lady
Its all about options ay it? I switched to Linux a number of years ago with a thread on it somewhere. But I run a number of old devices on it. But there are options for people. W11 can be installed with on unsupported hardware and W10 has a support for another 3 years if you pay for it and it doubles in price every year. My concern is so many less tech knowledgeable people are going to bundle over that deadline without really understanding the implications of it so long as their device turns on and works that's all that'll matter.
OP
OP
Paul_Smith SRCC
www.plsmith.co.uk
- Location
- Surrey UK
I'd imagine there will be literally millions of users that will do that. I know a few who are still using Windows 7 online and when I ask them do they realise there maybe implications they simply say "really; but I've been using it for years..."
