That's a good thing, since these days many malware programs attack third-party programs instead of XP itself. After all, with 13 years of endless hacking, Microsoft finally has nailed shut most of XP's holes.
One favored third-party means of attack is Java. Oracle's most recent patch set for it had no fewer than 36 security patches for Java alone. Java just isn't worth the risks it exposes you to. Unless you absolutely must use it -- on any operating system, not just XP -- you'll be much safer removing it from your system.
You can also protect your aging XP PC by putting it behind a firewall. Well, you should have been doing that all along, but if you're going to continue to use it and you don't have it behind a firewall, now is the time to take that step. You'll need all the protection you can get.
Another useful XP security trick is to set up users with limited accounts. Installing new software or hardware with a limited account can be a pain, but how often are you going to be doing either with your old XP box? A good deal more defense for a little trouble is a trade well worth making.
So should you try to eke another year of life out of XP? I wouldn't.
Keeping XP safe is only going to get harder as months go by. Eventually, someone will craft a new XP crack that's going to break XP security like an egg.
Come that day, I expect Microsoft to reluctantly issue an emergency fix if there are still, say, 10% of users running XP at the time. But, it won't do it with dispatch, and the new security hole may not become known for a while. Do you want your PC to be ransacked by vandals during the zero-day period? I wouldn't.
Still, if you can't bring yourself to switch quite yet, you can keep running XP for now. Just don't think that you're going to be able to keep doing it safely. You may have years instead of weeks, but XP's end of life really is in sight.
Sign up for Computerworld eNewsletters.