If you're running a Windows Server 2003 machine, you have a problem.\u00a0Your already-vulnerable computer is now at severe risk of being hacked.That's due to the internet release earlier this month of a batch of updates that\u00a0paint a bulls-eye\u00a0on computers running Windows Server 2003, according to security researchers.\u201cI can teach my mom how to use some of these exploits,\u201d said Jake Williams, founder of Rendition Infosec, a security provider. \u201cThey are not very complicated at all.\u201dExperts are urging affected businesses to upgrade to the latest Windows OSes, which offer security patches that can address the threat.But some, particularly those in manufacturing and healthcare, cannot because they rely on\u00a0legacy software that won't run on a modern operating system.\u201cIt\u2019s usually very costly to upgrade,\u201d he said. \u201cAnd again, the machine is working fine, but control has to be done through Windows Server 2003.\u201dThere may be over 500,000 Windows Server 2003 machines publicly exposed to the internet,\u00a0according\u00a0to Shodan, a search engine for devices. But Williams estimates there are many more vulnerable machines running behind company firewalls.So,\u00a0for those that can\u2019t, here are some tips to keep your old Windows Server 2003 machine secure.The dangerThe spying tools include several Windows-based exploits, or hacking programs, that target the Windows Server Message Block (SMB) protocol, which is used for file-sharing purposes. The exploits work by remotely triggering the OS to execute code, which can be used to install other malware.Network segmentation and monitoringCompanies saddled with older Windows Server machines can still protect themselves. Williams suggests they go beyond putting vulnerable servers behind a firewall, and use a tactic called network segmentation.This can involve restricting access to your most critical servers, and ensuring only system admins can control them. \u201cSo instead of giving 20,000 people in a company access, you can cut that number down to 20,\u201d Williams said.Thus, if hackers ever do breach the firewall, they\u2019ll have access to a smaller segment of the corporate network.Network segmentation also doesn\u2019t cost a lot of money. Enterprise internet routers often contain access control features that can limit which computers can talk to what, Williams said.Businesses should also consider monitoring the vulnerable servers, or at least the ones carrying critical information. Any unusual data traffic moving through them is probably a sign they\u2019ve been hacked, he said.Weighing the risksTo keep malicious activity out of vulnerable systems, application whitelisting can also be used, said Jason Leitner, president of Below0Day, an IT security provider.Whitelisting works by allowing only trusted applications to run on a computer. It\u2019s the opposite approach of antivirus products, which essentially blacklists malicious programs based on known indicators.Businesses can also create backups of any sensitive data stored in these machines. One malicious threat that\u2019s been growing in recent years has been ransomware. It works by infecting a computer, and encrypting all the data inside. To free the machine, victims have to pay a ransom, usually in bitcoin.However, even with these safeguards, the best solution to protecting a vulnerable Windows Server system is to upgrade, according to security experts.Although it might be costly in the short-term, the investment can help businesses avoid a disastrous data breach. Tiago Henriques, CEO of security firm BinaryEdge, encourages businesses to calculate which is higher: \u201cThe cost of buying the upgrade or the damage to their brand and their clients if they get hacked?\u201dWhat do you think? Head to our Facebook page to let us know.