A client has a WinXP computer running an obsolete program he needs for his business and can't easily replace. He wants to keep using this machine for that purpose only past April 8. While he won't surf the net, the computer and program is used primarily from his home office via Logmein. He does also need to use it in person in the office.
Question: how (in)secure is this? I've told him if it is not used on the Internet he would be safe. If the only active connection is a Logmein connection, does that give him any security?