Re: Exactly how vulnerable are unsupported versions of Ubuntu?
As far as anything goes, I'd take an EOL version of Ubuntu over a current version of Windows any time.
It's really hard to say "exactly". Exactly what kind of answer were you looking for? A percent chance you'll regret the decision?
Vasa1 makes an excellent point--basically, it depends on your interaction with the outside world. If you're aware of the risk you're taking and you're extra careful, it will take your risk down somewhat.
As a side note, there are other things to consider in the decision whether or not to upgrade. For one thing, the more out-of-date you become, the harder it becomes to get support from the forums. Everyone else moves on, and your issues become ancient history. Also, support for interaction with the outside world can become an issue (flash support comes to mind, but I know there are others).
Lubuntu has been recommended. If you'd rather not jump from Gnome2 (which is no longer supported) to LXDE, though, I would suggest you use MATE. It's a fork of Gnome2 that is still supported (though not by the Canonical team). It's used by Linux Mint, so it's probably not going away any time soon. More at http://mate-desktop.org/
Jane, stop this crazy thing!