TL;DR

Windows 10 stopped receiving security updates in October 2025. Every machine still running it accumulates known, public, permanently-unpatched vulnerabilities. It is an automatic Cyber Essentials failure, a cyber-insurance problem, and a breach waiting for a foothold. Count your machines, upgrade what can upgrade (usually free), replace what cannot, and do it as a staged plan rather than a panic.

Microsoft ended support for Windows 10 in October 2025. That was not a soft deadline, and it was not news: the date had been public for years. Yet a significant share of the business machines we audit across Kent are still running it, many months later.

If some of yours are too, here is what that actually means, without the scare-mongering but also without the comfortable vagueness.

What “end of support” means in practice

Since October 2025, Windows 10 machines receive no security updates. When a new vulnerability is found (and they are found constantly), Microsoft patches Windows 11 and leaves Windows 10 exposed.

Every month that passes, the list of known, public, never-to-be-fixed holes in your machines gets longer.

Attackers know this schedule as well as anyone. Unsupported operating systems are the softest target in any network because the vulnerabilities are documented and the fix will never come.

The four real costs

0security patches since Oct 2025
Instant failCyber Essentials, one device is enough
Declinedwhat your insurer says after a breach on unsupported kit

1. Breach risk that compounds monthly. An unpatched machine is not a static risk; it gets worse every patch Tuesday it misses. And one compromised machine is a foothold into everything it connects to: email, files, your finance system.

2. Automatic Cyber Essentials failure. Any device on an unsupported operating system is an instant fail. No discussion, no partial credit. A single forgotten Windows 10 laptop blocks the certificate for the whole organisation, and it is the most common failure point we see in real audits.

3. Insurance exposure. Cyber insurance proposals ask whether your systems are supported and patched. Answer yes with Windows 10 on the network and you risk a declined claim precisely when you need it. Answer no and expect loaded premiums, if you get cover at all.

4. Compliance and client trust. Client data on unsupported systems puts you on the wrong side of the “appropriate technical measures” language in UK GDPR, and larger clients’ supplier questionnaires increasingly ask directly.

”But the machines still work fine”

They do, and that is exactly why this problem persists. Nothing visibly breaks in any given month. The cost is invisible until the day it is not: a breach, a failed audit, a declined claim, a lost tender.

Running Windows 10 in 2026 is not a technology decision. It is an unpriced liability on your balance sheet.

What to do, in order

  • Count them. Most businesses do not actually know how many Windows 10 devices they have. Shadow laptops, the machine in the warehouse, the director's home PC that connects to email: they all count.
  • Sort into upgrade vs replace. Windows 11 needs TPM 2.0 and a supported CPU. Machines from roughly 2019 onward usually upgrade for free; older ones need replacing, and at 6+ years old they are usually due anyway.
  • Stage the spend. A phased replacement plan spreads the cost over months and does the riskiest machines first: anything internet-facing or handling sensitive data.
Don't buy ESU as a strategy

Microsoft sells Extended Security Updates as a bridge for stragglers, with a price that increases every year. It buys time for a handful of machines with a genuine constraint. It is not a plan, and the economics get worse annually by design.

Where we come in

Device audits, upgrade-or-replace calls, staged rollouts, and the procurement itself (quoted upfront, at trade pricing) are routine work for us. It is also the first thing we fix when taking on a new client heading for Cyber Essentials, because it is the fastest way to fail one.

Fifteen minutes with your device list is usually enough to tell you the size of the problem and the cost of closing it.

Related service: Cyber Security →

Not sure how many Windows 10 machines you still have?

We'll audit your devices, tell you which can upgrade for free and which need replacing, and price the whole plan upfront. No surprises.

Most calls answered within 4 rings  ·  ENQUIRIES 020 3822 0899  ·  SUPPORT 01622 586 001