As October 14, 2025 draws near, Windows 10 support will officially end—and that date marks more than just a milestone. For IT leaders, it's the deadline for security, compliance, and operational risk. Based on our recent Logically Uncovered webinar panel with Alex Burton, Microsoft Partnership Manager, Jake Tarrant, Manager, Incident Response, and Eric Porto, Virtual Chief Information Officer, here’s what you need to know and do now to protect your organization.
“Windows 10 reaches its end of support … in October, 2025,” Alex Burton reminded us, underscoring urgency.
After the end-of-support date, Microsoft will stop providing security updates, patches for vulnerabilities, and technical support. Enterprises operating on Windows 10 past that date must either enroll in Extended Security Updates (ESU) programs, or face growing risk on every endpoint. As Jake Tarrant put it, “What this deadline really means from security and compliance risks to hardware limitations, hidden costs and prioritization strategies…”
On the ground, Windows 10 still holds a major share of desktop usage. As of December 2024, the U.S. desktop market share for Windows 10 was approximately 62.7%, with Windows 11 at around 34.2% (StatCounter, December 2024). For organizations, that means millions of machines are in scope for upgrade or mitigation.
If you can’t fully replace or upgrade your environment before October, there are temporary mitigations. Jake emphasized the role of Endpoint Detection & Response (EDR) and Managed Detection & Response (MDR) platforms: “These EDR platforms will continue to support Windows 10 for a couple of years after.”
Other interim steps include limiting internet connectivity for certain endpoints, removing unnecessary network exposure (like air-gapping non-critical devices), and staying current on third-party patches and vendor updates. Eric Porto noted, “Be vigilant about third party patching … just because Microsoft’s not going to be putting out new patches doesn’t mean some of these other companies won’t.”
Another option is Microsoft’s Extended Security Updates. While ESUs cover critical vulnerabilities and can serve as a temporary buffer, they add per-device cost and leave Microsoft to determine which issues qualify as “critical.” Most severe exploits are typically patched through ESUs, but this approach is best viewed as a short-term safeguard, not a sustainable path forward.
Stopgaps buy time—and that time should be used wisely. They are not substitutes for a strategic upgrade plan.
Hardware compatibility is one of your biggest hurdles. TPM 2.0, modern CPUs, and baseline RAM (16 GB for many office users) are needed to run Windows 11 smoothly, especially in remote or hybrid environments. As one panelist observed, “We’re really starting to see that 16 gigs of RAM starts to be the minimum for a functioning PC for a remote office worker.”
Many organizations are already estimating that 30-50% of their Windows 10 devices will not be eligible for in-place upgrades and will need full replacement. Beyond eligibility, factors like CPU ordering lead time, budget approval, and hardware lifecycle must be baked into your planning now.
Declining to act doesn’t just delay a project—it accrues costs across multiple dimensions:
From the market data side, consider the cyber insurance premium climate: in the U.S., direct written premiums for cyber insurance policies reached $9.84 billion in 2023, reflecting growing exposure and risk across industries (NAIC Cyber Report, 2024). It’s a signal: insurers are paying attention to risk posture, including outdated software risk (StatCounter, Marsh).
How should you decide what to upgrade first? Our panel offered a framework based on risk, usability, and impact:
The ESU program from Microsoft provides extra time—but it comes with trade-offs. ESUs cover only critical and high-severity vulnerabilities, not OS enhancements or feature updates. Prices increase year over year. Jake noted the structure: “$30 the first year, $60 the second year, $120 the third year … it doubles in price every year.”
But there’s more: many cyber insurance providers don’t accept ESU-only configurations as compliant. As Alex said, “Cybersecurity insurance providers will not recognize the ESU program as a viable alternative to upgrading to Windows 11.” For most user workstations, ESU should be seen for what it is: a temporary bridge, not a long-term destination.
Regulators and auditors will increasingly expect organizations to show they have a plan for OS transition:
As Alex observed, “Running unsupported systems … these technical events don’t become a major business risk,” but only if leadership treats them as such.
These figures illustrate two things: the scale of the problem and the window for action.
So what should you be doing if you’re responsible for getting ahead of this?
The Windows 10 end-of-support deadline is coming fast. Letting it slip by unaddressed will cost more—in security risk, compliance risk, downtime, and insurance exposure—than acting now. Don’t enter 2026 with blind spots. Start planning, start upgrading, and treat this not as “another IT project,” but as a core business imperative.