Keep malware threats and operating systems in perspective

Q: I read your column about protecting Windows XP from malware (see tinyurl.com/yapl8out). I would like to point out that XP users are not just putting themselves at risk. They are endangering everyone else by using PCs that can be taken over and used in botnets (groups of malware-infected computers used to attack websites, steal data or send spam e-mail.) It would be better for all of us if vulnerable software like XP was permanently retired.

Michael Fleming, Minneapolis

A: It's tempting to blame Windows XP users for being easy malware targets. But people with newer operating systems are actually the bigger security threat. There are more of the newer systems (making them a bigger target for hackers) and they have plenty of vulnerabilities.

In fact, Windows XP didn't even make the list for the "most vulnerable operating systems" last year. Instead, the riskiest operating systems, based on the number of known vulnerabilities, were considered to be Android, Linux, iOS (iPhone), Mac OS X, Windows 10, Windows Server 2016, Windows Server 2008, Windows Server 2012, Windows 7 and Windows 8.1 (see tinyurl.com/ybr3a9j4).

It's worth noting that some XP users (such as individuals, charities and churches) probably can't afford to upgrade because they would need to buy new PCs capable of running Windows 7, 8.1 or 10.

Q: My six-month-old Epson wireless printer worked until the most recent Windows 10 automatic update. Now I get an error message that says "the specified driver is invalid." I downloaded the latest Epson driver software and reinstalled the printer, but it didn't help. An Epson representative said the problem lies with Windows 10, not the printer software. What can I do?

Randy Spaise, Plymouth

Windows 10 provides a way for you to "roll back" the software driver portion of an update that adversely affects your printer (or any other PC device.) It also offers a software tool that will "hide" the troublesome portion of the update so that it won't be automatically reinstalled on your PC later. (See tinyurl.com/yc9qydzg for details and a link to download the tool.)

Q: Why must I address an e-mail correctly in order to reach the recipient, yet people can send e-mails to me with bogus addresses or no address?

Sal Ragusa, Jefferson, La.

A: The people who sent you these e-mails — which are spam — are using your real e-mail address. But the "to" and "from" fields visible atop the e-mail have been faked, or left blank, using a technique called "e-mail spoofing."

Spoofing aids a spammer in two ways: It conceals the sender's real identity and tries to pique your interest with false "to" and "from" information. The spammer hopes you will be intrigued or irritated enough to respond to the e-mail, thus confirming that you have a working e-mail address to which more spam should be sent. To avoid this, don't respond to spam. Send it to your e-mail provider's spam filter so it can be blocked in the future.