Windows 10 End-of-Support: What You Need to Know

Windows 10 End-of-life

May 2, 2025

Share:

 

 
After October 14th 2025, Microsoft will stop providing technical support, stability and performance improvements, and free security patches for the final feature release of Windows 10: version 22H2.

Security updates will be available, at a cost, but will only fix bugs Microsoft deems critical or important, such as remote code execution or privilege escalation flaws. Reliability issues, performance issues, and lower-severity bugs will be left unpatched.

After October 14th 2025, Windows Update will effectively go on strike for millions of Windows 10 PCs. This will leave almost 30% of Windows PCs in the UK without security patches, making them sitting ducks for malware gangs and hackers.

Why End of Support for Windows 10 22H2 Is a Strategic Risk

If you take no action to prepare for the forthcoming end of support, your Windows 10 machines will turn into a serious security problem after October 14th.

History tells us what happens when a major operating system reaches end of life. When Windows 7 support came to an end in 2020, attacks spiked as threat actors targeted newly vulnerable machines.

After October 14th 2025, Windows 10 becomes a prime target for hackers and ransomware gangs, as a large portion of PCs globally will be left unpatched, exploitable by an ever growing range of known vulnerabilities.

Organisations running Windows 10 22H2 unpatched risk security breaches that could prove expensive, disruptive, and reputationally damaging.

Unpatched systems will likely invalidate cyber insurance coverage and could compromise compliance with Cyber Essentials and ISO 27001 requirements.

The popular Cyber Essentials cybersecurity certification scheme views unsupported operating systems as non-compliant. The only way to use such machines is to isolate them from the Internet and from your network or remove them from your certification’s scope.

That would likely require you to ban any user running unpatched Windows 10 from connecting to your in-scope IT systems. This is a disruptive stopgap that is hardly viable long term.

UK GDPR mandates “appropriate technical and organisational measures” to protect personal data. Failure to patch could result in a data leak, ransomware incidents, legal liability, and in rare cases, a fine by the Information Commissioner’s Office.

There is also the practical issue of access to corporate systems. Unpatched devices may fail security posture checks enforced by Mobile Device Management (MDM) tools such as Microsoft Intune. If a Windows 10 laptop fails these checks, the remote or hybrid users might lose access to Microsoft Teams, OneDrive or SharePoint, disrupting users’ ability to do their jobs.

Support for Microsoft 365 apps on Windows 10 is also ending after October 14th, so it’s not just operating system updates that could stop. Microsoft Office users could see performance issues go unpatched and miss out on functionality updates that will be available to users running Windows 11.

Delaying the purchase of new Windows 11-compatible hardware could leave you at the back of a queue, as organisations scramble to prepare for the end-of-support deadline.

According to Statcounter, Windows 10 usage in the UK dropped from 58% to 44% in the seven months to March 2024. If this pace of migration to Windows 11 holds, 30% of UK PCs will be running Windows 10 when support ends.

Many users haven’t yet realised they’re going to have to pay for security updates or be left at risk. When they do, expect a surge in last-minute purchases of Windows 11 machines.

Windows 10 22h2 isn’t the only Microsoft product hitting end-of-support after 14 October 2025. Exchange Server 2016 and Exchange Server 2019 will do too. IT teams may have email server migrations to carry out, in addition to Windows 10 migration work.

Back to top

Your Options

1. Upgrade to Windows 11 If Device Is Compatible

This is your most likely and cost-effective path, assuming hardware compatibility.

Operating system upgrades from Windows 10 to Windows 11 are typically free, and licences are bundled with Microsoft 365 E3/E5 and F3 plans (including no-Teams SKUs).

Around 88% of devices are expected to be compatible, and a RAM upgrade or BIOS update may be all that’s needed in marginal cases.

Some teams may choose to re-image devices rather than perform in-place upgrades. Both options are viable, depending on estate size and risk appetite.

2. Replace Incompatible Hardware with Windows 11-Compatible Devices

Approximately 12% of Windows 10 devices won’t support Windows 11 at all. Replacing these older devices with Windows 11 PCs is likely to be the most cost-effective way to eliminate your Windows 10 risk.

Some PC manufacturers offer trade-in schemes to reduce total cost.

3. Pay for Windows 10 Extended Security Updates (ESU)

This can serve as an insurance policy if you are unable to complete your migration in time.

  • MAK keys: $61 (Year 1), $122 (Year 2), $244 (Year 3). Skipping prior years isn’t allowed. Three years of updates would cost $487 total per device!
  • Cloud activation via Intune/Windows Autopilot: $45 (Year 1), $90 (Year 2), $180 (Year 3). $360 over three years—a special offer that may not last.
  • Consumer (Home/Pro) editions of Windows 10: $30 (Year 1 only), via the Microsoft Store.

You must be running Windows 10 22H2 to apply the Extended Security Updates. Patch your Windows 10 machines on or before 14 October 2025.

4. Run Windows 11 on Unsupported Hardware

Some of your devices might be able to run Windows 11 even though they don’t quite meet the published hardware specifications for which support is offered. This may require a registry hack. Proceed at your own risk.

Even though security updates may still be available, they aren’t guaranteed for unsupported devices, so this approach can potentially invalidate some cybersecurity certifications and cyber insurance coverage.

5. Azure Virtual Desktop (AVD)

Windows 10 desktops delivered as part of Azure Virtual Desktop come with free extended security updates for one year. This provides a convenient way to run Windows 10 apps from Windows 11 (and non-Windows) endpoints.

6. Windows 10 Long Term Service Channel Versions

You could downgrade from Windows 10 22H2 to similar, older, slightly less feature-rich versions that continue to benefit from security updates:

  • LTSC 2019: Security updates until 2029. Useful for specialised devices that can’t tolerate feature updates.
  • IoT Enterprise LTSC: Updates until 2032. Designed for fixed-purpose devices in heavily-regulated industries such as Financial Services or Healthcare.

This option is really for niche cases where business-critical Windows 10 apps need to run locally but aren’t compatible with Windows 11.

7. Do Nothing

Rely on firewalls, antivirus software, and network controls. Hope Microsoft voluntarily issues emergency patches for the most egregiously dangerous bugs. Use “virtual patching” from third-party vendors who have no access to the Windows 10 source code. This ‘do nothing’ approach is a high-risk option that is best avoided.

Back to top

Windows 11 Hardware Requirements

Trusted Platform Module: TPM v 2.0 support. TPM can be built into CPU or may be a chip on the motherboard. With most modern PCs, you’ll likely have the former. In some cases, where the hardware is already there, enabling the TPM may require a BIOS update.
Firmware: UEFI (Unified Extensible Firmware Interface), Secure Boot capable.
Processor: 1GHz+ 64-bit processor with at least two cores, on a compatible 64-bit processor or System on a Chip. Such as Intel 8th Gen Core (2017 onwards) or AMD Ryzen 2000 series (2018 onwards), or newer.

Slightly earlier processes (Intel 7th Gen) may be able to run Windows 11, even though they’re not listed by Microsoft as being supported. Upgrading those systems may require a registry hack.

Memory: 4 GB.
Storage: 64 GB.
Graphics: DirectX 12 or later with WDDM 2.0 driver.
Display: 720p display greater than 9″ diagonally, 8 bits per colour channel.

Back to top

What You Should Do Right Now

1. Desktop Asset Inventory

Know your device fleet. Identify:

  • Devices already on Windows 11.
  • Devices running Windows 10 that meet Windows 11 hardware requirements
  • Devices that can run Windows 11, if you make a registry hack, but aren’t officially supported
  • Windows 10 devices that require replacement.

2. Assess App Compatibility

Audit your desktop software stack. Are all your apps Windows 11-compatible? If not, can they be upgraded to a version that is? Is there a cost to that? If a new version is required, does that adversely impact functionality, usability, plug-ins or integrations? Is app performance still acceptable? Microsoft’s App Assure service may help if you’re a Microsoft 365 subscriber seeking to overcome Windows 11 app compatibility issues.

3. Leverage MDM, Windows Autopilot and OneDrive

Microsoft Intune and Windows Autopilot can enforce policy, manage upgrades, and streamline deployment. If you are paying for M365 and aren’t using these options, now’s the time to start. There’s currently a 25% discount on Windows 10 ESU costs if licences are activated via Intune or Autopilot.

If users store their work locally, consider rolling out file-syncing tools such as OneDrive to simplify backups and give your IT team the option to reimage compatible Windows 10 devices with an appropriate Windows 11 image, without losing the users’ files.

4. Start Upgrading Now – Before You Need To

Begin with the low-hanging fruit— upgrading users running Windows 10 that already have Windows 11-compatible hardware and applications. This will greatly reduce your organisation’s attack surface and cut your exposure to extended security update costs.

5. Order New Windows 11-Compatible Hardware

Avoid the late 2025 supply squeeze. Your new devices are likely to be far more energy-efficient than your older, pre-2017 devices that were incompatible with Windows 11. These newer devices will help your organisation cut its ongoing carbon emissions.

6. Securely Dispose of Legacy Devices

Wipe data thoroughly, then sell or recycle devices in an environmentally-considerate way.

7. Support Users During Transition to Windows 11

Keep spare laptops for temporary use during upgrades. Offer Windows 11 training to users and IT staff. Address lingering issues—e.g. legacy peripherals that need 32-bit drivers. Update IT documentation and employee IT training materials.

Back to top

Why an Upgrade to Windows 11 Often Makes Business Sense

Besides providing a supported alternative to Windows 10, Windows 11 offers several advantages:

  • Long-Term Support: Windows 11 was released in 2021, offering support and free security updates through 2031, provided regular patching continues.
  • Security benefits: There’s enhanced malware protection via TPM 2.0 and Secure Boot.
  • Energy efficiency: Windows 11 PCs tend to be power-efficient, minimising carbon emissions and running costs. For laptops, this efficiency results in longer battery running times and lighter devices.
  • Office Suite Features: Microsoft 365 users will continue to receive feature updates on Windows 11. Windows 10 users won’t receive these Office updates.
  • No ESU Costs: Your operating system security patches are free for years to come.
  • Reduced Platform Complexity: Standardising on Windows 11 for all PC users simplifies IT training and support.
  • Superior Stability: As the world’s most popular desktop OS, Windows 11 will benefit from Microsoft receiving a huge and growing volume of telemetry data with which to identify security, compatibility and performance issues.

Back to top

Plan, Pilot, Execute

Migration isn’t just a technical challenge—it’s a project requiring coordination across IT, procurement, and business units. Plan early:

  • Identify software and hardware gaps.
  • Conduct pilot migrations with representative user personas. This might cover power users, staff requiring atypical applications, developers, remote workers, and frontline staff.
  • Stagger rollouts to reduce disruption, risk, and IT department overwhelm.
  • Use downtime smartly—e.g. upgrade machines while users are on leave.
  • Make sure you communicate with senior leaders, managers and users, so they understand why it’s necessary to undertake this work. It’s obvious to you. It may not be obvious to them.
  • If your organisation is Cyber Essentials certified, you will need to ensure unsupported devices are out of scope by your next audit post-October 14th.
  • If you have cyber insurance, you will need to ensure you’re continuing to live up to the conditions upon which that coverage depends.

How Syntura Can Help

Call Syntura. We offer a free initial consultation to help you plan your Windows 10 exit strategy.

We can help you:

  • Audit and assess your desktop estate.
  • Determine app and device readiness.
  • Roll out Intune and Autopilot for a smoother upgrade path.
  • Source and configure new Windows 11 hardware.
  • Run proof-of-concept migrations.
  • Minimise disruption and extended security update costs.

You choose how much to do in-house and how much to delegate to us. We complement your internal team, bringing migration experience, technical know-how and additional capacity.

📞 Contact us on 020 7847 4510 to ensure you’re ready for the end of Windows 10 support.