Idle Windows XP and 2000 machines get infected with viruses within minutes of being exposed online — legacy OSes compromised by just connecting to the Internet

News
By
published

Hackers are always on the lookout for legacy operating systems.

Windows XP Malwarebytes
(Image credit: YouTube - Eric Parker)

YouTuber Eric Parker demonstrated in a recent video how dangerous it is to connect classic Windows operating systems, such as Windows XP, to the internet in 2024 without any form of security (including firewalls or routers). The YouTuber set up a Windows XP virtual machine with an utterly unsecured internet connection to see how many viruses it would attract. Within minutes, the OS was already under attack from several viruses.

It might seem silly to hook a PC up to the internet purposefully without using any security. However, in the early 2000s, catching a PC directly to the internet without a router was normal. Granted, Windows XP has a built-in firewall, and most people used anti-virus software at the time. Still, running in a completely unprotected state (intentionally or accidentally) was much easier than newer operating systems. On top of this, running Windows XP unsecured in 2024 is even more dangerous since the operating system no longer receives security updates, making it very easy for hackers to get into the OS.

Two minutes after hooking up his Windows XP virtual machine to the internet, Eric Parker found a couple of viruses that randomly installed themselves on the machine, including a virus dubbed "conhoz.exe." Soon afterward, another virus automatically created a brand new Windows XP account dubbed "admina" that apparently was hosting an FTP file server on the machine.

It didn't take long for many other trojans, viruses, and malware to appear on the system. Eventually, Eric Parker installed Malwarebytes on the XP machine to see how many viruses it would catch. It caught eight viruses classified as trojans, backdoors, DNS changers, and adware. There were still more viruses on the machine, but the free version of Malwarebytes Eric Parker used was only able to catch eight of them.

Windows 2000 suffers a similar fate

Eric Parker also did the same experiment in Windows 2000 and discovered even worse effects on the older OS. Within minutes of exposing the OS to the internet (and ensuring all ports are open, including ports for SMB), a virus installed itself on the computer and automatically shut down the virtual machine. After restarting the VM, more viruses appeared, eventually causing the operating system to blue screen.

These two demonstrations represent a worst-case scenario for both operating systems. Without the most basic security measures, online hackers can use tools such as nmap to detect the specific operating system version a vulnerability system is running and able to freely download and run viruses and malware directly on the system once they know it is a system that is vulnerable.

This sort of severe security vulnerability does not exist in modern operating systems. Windows 10 and Windows 11, for example, have far more robust security measures that prevent malware from simply installing itself, even if the firewall is turned off. Eric Parker confirmed that Microsoft operating systems dating back to Windows 7 are unaffected by the previously demonstrated security vulnerabilities. He ran Windows 7 for hours without an anti-virus or firewall on another VM and did not detect any viruses on the system.

Aaron Klotz
Aaron Klotz
Contributing Writer

Aaron Klotz is a contributing writer for Tom’s Hardware, covering news related to computer hardware such as CPUs, and graphics cards.

14 Comments Comment from the forums
  • PEnns
    Makes me wonder how those people / companies who are still running pre Windows 7 versions are doing.....
    Reply
  • ezst036
    I'm so thankful I upgraded entirely out of the Windows ecosystem into Linux. It's just so much easier.
    Reply
  • rluker5
    PEnns said:
    Makes me wonder how those people / companies who are still running pre Windows 7 versions are doing.....
    Fine if they stay completely isolated from the Internet.
    Reply
  • bit_user
    The article said:
    The YouTuber set up a Windows XP virtual machine with an utterly unsecured internet connection to see how many viruses it would attract.
    This was a terrible idea, even back when these operating systems were still getting security updates!

    The article said:
    in the early 2000s, catching a PC directly to the internet without a router was normal.
    Not really, since most internet providers provide some degree of security, if only to keep people from trying to run businesses while merely paying a residential rate for their service. So, even if you think hooking up your machine directly to a cable modem is pitting it on the open internet, it's really not.

    PEnns said:
    Makes me wonder how those people / companies who are still running pre Windows 7 versions are doing.....
    Read the article. Nobody puts unprotected PCs on the open internet - not even 20 years ago.
    Reply
  • Alvar "Miles" Udell
    According to a 2007 report by the Pew Research Center it wasn't until the latter half of the 2000s that dualup internet, which doesn't use a router, dropped under 25% of the American population, and even the 15% figure in 2007 was a large number of people. Also according to the US Census, in 2019 a quarter of a million people still were counted as using dialup alone.




    Read the article. Nobody puts unprotected PCs on the open internet - not even 20 years ago.

    I guarantee you you're wrong. Windows XP didn't gain an automatic firewall until SP2, and combined with the number of households using dialup internet at that time period, over 30%, the vast majority of PCs were not protected.
    Reply
  • pjmelect
    What the article did not say was that the version of XP used was the original released version of the program without any updates. XP sp3 with all of the updates is still safe to use on the internet.
    I haven’t tried it but I wonder if the release version of Windows 10 without any updates would fair any better. The main problem with using XP nowadays is that the browsers don’t support many of the web sites.
    Reply
  • s997863
    Is the headline trying to imply that Win10 could connect to the internet any more safely without a firewall?

    I've always used these with no issues: ZoneAlarm on XP, Windows10FireWallControl on Win7, and SimpleWall on Win10. No need for resource hogging anti-viruses with "real time" scanning.
    Reply
  • bit_user
    Alvar Miles Udell said:
    I guarantee you you're wrong. Windows XP didn't gain an automatic firewall until SP2, and combined with the number of households using dialup internet at that time period, over 30%, the vast majority of PCs were not protected.
    You seem to assume these dialup ISPs offered zero security? As I explained, I could plug my PC directly into my cable modem ...or a dialup one, but my ISP restricts incoming connections to my machine. You couldn't use CIFS filesharing over those connections, for instance, without at least using a VPN. In neither case are you on the open internet.
    Reply
  • Vanderlindemedia
    This is such old news... lol.

    I remember using ISDN (64kbps) to dial-up into the internet. With XP it was a matter of minutes before you where hit with the blaster worm.

    Problem is behind a router you have a very basic firewall; using Dialup or so there's no such thing as a firewall. So any port is open for bashing. Esp on a outdated OS.

    Lots of countries still using XP. You do the math.
    Reply
  • bit_user
    Vanderlindemedia said:
    Problem is behind a router you have a very basic firewall; using Dialup or so there's no such thing as a firewall. So any port is open for bashing. Esp on a outdated OS.
    You can run firewall software on the PC with the modem, or connect the modem to a different PC that functions as your firewall. I'll grant that probably 0.1% of dialup users did the latter.
    Reply