Windows 10 End of Life: What Businesses Need to Do

Windows 10 reached end of life on 14 October 2025. For businesses, this is not just a technical inconvenience — it has real implications for security, compliance and operational risk. This guide explains what your business needs to do, and how to prioritise the work.

Why End of Life Matters More for Businesses

Home users face security risks from using Windows 10 after end of life. Businesses face those same risks, plus additional concerns:

• Regulatory compliance — running unsupported software may put you in breach of UK GDPR, Cyber Essentials, ISO 27001, PCI DSS or other frameworks your business is subject to
• Cyber insurance — many insurers now ask whether systems are on supported operating systems; running EOL software may void or limit your cover
• Supplier and contractual requirements — some contracts and procurement frameworks require evidence that systems are maintained with current security patches
• Incident liability — if you suffer a breach on an unpatched system after EOL, demonstrating that you knowingly ran unsupported software weakens your legal position

Step 1 — Audit Your Devices

Before you can plan a migration, you need to know what you have. Run an inventory of all Windows 10 devices across your business:

• Use Microsoft Endpoint Manager or Intune to query OS versions across managed devices
• For smaller environments, check via Settings > System > About on each machine
• Use PowerShell to query all domain-joined machines: Get-ADComputer -Filter * -Properties OperatingSystem | Where {$_.OperatingSystem -like "*Windows 10*"} | Select Name,OperatingSystem

Note which machines can run Windows 11 (check with PC Health Check), which cannot due to hardware, and which are on the borderline.

Step 2 — Check Compliance Requirements

Review the specific compliance obligations that apply to your business:

• Cyber Essentials — requires all software to be supported and receiving patches. Windows 10 after EOL fails this requirement unless covered by ESU.
• UK GDPR — requires “appropriate technical and organisational measures” to protect personal data. Running unsupported OS on systems holding personal data is difficult to justify as appropriate.
• ISO 27001 — Annex A control 8.8 (management of technical vulnerabilities) requires a process for managing patches and vulnerabilities. EOL systems breach this control.
• Cyber insurance — check your policy wording; many now have explicit provisions about patching and supported software.

Step 3 — Plan Your Migration

Most businesses will need a phased approach:

Phase 1 — In-place upgrades

For PCs that meet Windows 11 hardware requirements, upgrade them first. This is free, preserves existing apps and settings, and can be done remotely via Windows Update for Business, WSUS or Intune. This is typically the majority of devices in a business that has refreshed hardware in the last 5 years.

Phase 2 — Hardware replacement

For PCs that cannot run Windows 11, plan a phased replacement. Prioritise devices that handle sensitive data or are business-critical. Modern Windows 11 business PCs typically cost £500–£800 for a solid mid-range machine.

Phase 3 — Extended Security Updates as a bridge

Microsoft offers Windows 10 Extended Security Updates (ESU) for businesses, providing up to 3 years of continued security patches (to October 2028) at increasing annual cost. This can serve as a temporary bridge while hardware replacement programmes are completed. It is not a long-term solution but can help with budget phasing.

Windows 10 Extended Security Updates — Pricing and Details

Microsoft announced ESU pricing for Windows 10:

• Year 1 (Oct 2025 – Oct 2026): $61 per device
• Year 2 (Oct 2026 – Oct 2027): $122 per device
• Year 3 (Oct 2027 – Oct 2028): $244 per device

For organisations enrolled in Microsoft 365 or Volume Licensing, there may be different pricing. ESU covers security updates only — no feature updates, bug fixes or support.

For a business with 50 devices that cannot be upgraded, even a 1-year ESU cost of ~$3,050 is likely cheaper than emergency breach costs. But replacing hardware before Year 3 is almost certainly more cost-effective than paying $244 per device.

Step 4 — Communicate and Prioritise

Once you have your audit and migration plan:

• Brief senior leadership on the risk and the migration plan
• Communicate to staff what changes are coming and when
• Schedule upgrades during low-activity periods to minimise disruption
• Test critical line-of-business applications on Windows 11 before rolling out widely
• Update your IT asset register and patch management records to reflect the new OS versions

What to Do Right Now

1. Run an OS version audit across all Windows devices
2. Identify which machines can upgrade in-place (check with PC Health Check)
3. Identify which machines need hardware replacement and create a budget
4. Decide whether ESU is needed as a bridge for any machines
5. Begin in-place upgrades on compatible machines immediately — it is free
6. Check your compliance obligations and document your migration plan

Related Guides

• Windows 10 End of Life: What It Means for You
• Can My PC Run Windows 11? How to Check
• How to Upgrade from Windows 10 to Windows 11
• How to Speed Up Windows 11
• How to Set Up Two-Factor Authentication