Well, the NSA recommends the following: Block TCP Port 3389 at your firewalls, especially any perimeter firewalls exposed to the internet. This port is used in RDP protocol and will block attempts to establish a connection. Enable Network Level Authentication. This security improvement requires attackers to have valid credentials to perform remote code authentication. Disable remote Desktop Services if they are not required. Disabling unused and unneeded services helps reduce exposure to security vulnerabilities overall and is a best practice even without the BlueKeep threat. But, as I have said before, most people who care about security use every tool at their disposal to ensure they and those for whom they are responsible are safe, the very most important being the application of patches as soon as they are available. Not applying patches is akin to anti-vaxers not vaccinating their children, and it allows these vulnerabilities to perpetuate in the wild. I agree with @Squid Surprise when he said "If you actually DID fall to a cyber attack, would anyone know? I assume you'd just ditch your $50 box at this point (cause anything with XP SP2 on it couldn't be worth any more than that) and get another PC and continue posting inane drivel on this site..." and also "this thread is about how the NSA are warning people to patch their machines... and since .00001 % of users are using XP SP 2, your comments are useless..." At this point, all Bullwinkle is doing is trolling.