Researchers have determined that if you were to install Windows XP and connect it to the Internet to download the security updates, your chances of getting the updates before being hacked are slim to none
If you want to use XP (as I and other computer security experts often recommend), use the following best practices when installing XP:
1) Don't install with the network cable attached. At least one commentor on the article cites a time when his windows 2000 (the basis of XP) was hacked during
2) Get Windows Service Pack 3 which contains a cumulative patch of years worth of security updates. Download SP3 onto a second computer, move it to the new one, and install it offline [download here
3) Install a virus scanner and a firewall
prior to connecting the cable.
4) Download (on second computer) updates to Internet software such as Microsoft Office and Internet Explorer. While you can (and should) use Firefox instead of Internet Explorer, IE is integrated with the operating system so it's a good idea to keep it updated anyway.
You can also download incremental security patches from the Microsoft Download Center
, but I couldn't tell you which ones are relevant and which aren't. I believe that Microsoft removes all security patches that are bundled into service packs already so, in theory, you should just download any security patch listed for XP on their site. If you can confirm this, please post it in comments.
, Windows XP