when people say an os has no security updates and is vulnerable I have trouble to understand how exactly the computer is vulnerable. For example on a standard fresh winXP, what ways are there to compromise it from the network if it does not host any kind of server program?
Well.... XP pre SP3 had well known holes that made possible infections w/o any user iterations. BUT At the time was very common to have XP directly exposed to the internet, using a modem Nowadays almost all people is connected via a router, or even better the provider itself does NAT, so the scenario is very different than it was in 2002 or so. With a bit of brain XP can be as safe as any modern OS.
One major feature with XP was the introduction of the NTFS file system. I looked at it as a mixed blessing. The ability to create system snapshots was a big plus. But one thing I noticed was the way an NTFS formatted disk became fragmented so quickly compared to using FAT32. It seemed to me that once you defragmented an FAT32 disk, fragmentation remained low for quite a while, whereas with NTFS, fragmentation began almost immediately and got worse very quickly, and I believe those system snapshots had a lot to do with it.
I started with W98. Truly awful unless you love the colour blue (as in Blue Screen of Death). XP was a breath of fresh air and I stuck to it for way past its time. When I eventually was dragged into W7 I got used to it, although I longed for the ease I could get into XP's registry to raise a little hell. I'm sticking with W7 now until the end. (My end) Microsoft can go up in flames as far as I'm concerned these days. It's just a spyware hub today and nothing more.