Europe Gets Free One-Year Windows 10 ESU for Private Users

Microsoft’s surprise reversal on Extended Security Updates (ESU) hands many European Windows 10 users a full extra year of security patches — at no cost — but the concession comes with conditions, a ticking clock, and important caveats users must understand before they relax.

Background: Windows 10 end of support, ESU basics​

Windows 10’s official mainstream support ends in mid-October, and Microsoft built an ESU program to give users and organizations a limited lifeline: security-only updates for a defined, short period beyond end of support. The consumer ESU window is explicitly designed as a transitional measure — it supplies only critical and important security fixes, not feature updates, bug fixes beyond security, or full technical support. Microsoft’s official guidance confirms the consumer ESU coverage window and the enrollment mechanisms.
Microsoft’s public documentation states that Windows 10’s final day of mainstream support is October 14, 2025, and that consumer ESU coverage for enrolled devices runs until October 13, 2026. Enrollment options published by Microsoft include three routes: a no-cost route for users who sync PC settings to a Microsoft Account, redeeming Microsoft Rewards points, or a one-time paid purchase (announced at roughly $30 USD or local equivalent). The ESU enrollment experience is surfaced via Settings → Update & Security → Windows Update when a device meets prerequisites.

---

What changed and why it matters​

In late September, Microsoft amended its consumer-facing enrollment flow for users in the European Economic Area (EEA): private (non-commercial) customers in the EEA can access one year of ESU updates without paying a fee and without the previously insisted-on requirement to enable Windows Backup/OneDrive backup. That concession follows sustained pressure from European consumer advocacy groups, most prominently Euroconsumers, which argued the previous conditions could constitute unlawful tying of essential security updates to other Microsoft services.
Key public-facing facts established by Microsoft and confirmed by multiple outlets:

• EEA private customers are eligible for a no-cost ESU option that provides security updates through October 13, 2026.
• The change is regional: outside the EEA the prior enrollment options remain in place (including the requirement to use Windows Backup/OneDrive to obtain the free option, or paying the $30 fee).

This is both a practical win for millions of Europeans still on Windows 10 and a notable regulatory victory: collective consumer pressure — amplified by the EU’s evolving enforcement environment around market practices — forced Microsoft to reconsider a policy that critics argued would erode consumer rights and push people toward ancillary paid storage services.

---

The enrollment mechanics: what European users must (and must not) do​

Although the EEA concession removes the explicit Windows Backup/OneDrive backup requirement for free ESU access, Microsoft’s enrollment process still ties the free option to a Microsoft Account (MSA). In short:

• To enroll in the free ESU pathway in the EEA, users must sign in with a Microsoft Account and remain signed in for the enrollment to remain valid. Microsoft has confirmed that enrollment is bound to the MSA used during the process and that long sign-out periods can interrupt coverage.
• Microsoft removed the ancillary requirement to back up settings, apps or credentials to OneDrive for the EEA free path — a central point Euroconsumers challenged — but the company still requires account-based enrollment for license binding and delivery of updates.
• Paid ESU remains available globally (including outside the EEA) as a one-time purchase for the consumer year option, and organizations retain the option to buy business ESU for up to three years under volume licensing terms.

Put bluntly: free for consumers in the EEA, but only if they sign into (and periodically remain signed into) a Microsoft account on the device. Non-EEA users still face the original trade-offs: enable Windows Backup/OneDrive or pay, or redeem Microsoft Rewards points.

---

Why regulators and consumer groups pushed back​

Euroconsumers and associated national bodies framed the debate as both a consumer-rights and a competition/compliance issue. Their objections centered on the idea that access to essential security updates — a de facto prerequisite for safe device usage — should not be conditioned on taking up additional proprietary cloud services or reward programs. The argument was that such conditions could amount to unfair tying or abusive commercial practices under EU consumer and digital market rules. Euroconsumers publicly urged Microsoft to provide a frictionless, no-cost security route for European consumers; Microsoft’s subsequent enrollment changes indicate the pressure had practical effect.
The regulatory backdrop in Europe — including the Digital Markets Act (DMA) and strong consumer-protection frameworks — gives consumer-only concessions like this extra political weight. Companies operating globally now face a patchwork of obligations: what they may be able to do in the U.S. can be restricted or reversed when it collides with EU law or the coordinated advocacy of European consumer organizations.

---

What this means for typical European home users​

The headline benefit is straightforward: no extra fee for one additional year of security updates, giving users breathing room to plan upgrades or hardware replacements. Practically, however, the concession solves only part of the problem.
Immediate benefits:

• Continued protection against critical and important vulnerabilities until October 13, 2026, for enrolled devices.
• Avoids immediate out-of-pocket expense for those who would otherwise pay the consumer $30 ESU fee (or face the backup/OneDrive catch outside the EEA).

Important limitations and practical realities:

• One-year limit: this is a short-term technical extension, not a long-term support plan. Users whose devices cannot upgrade to Windows 11 due to hardware requirements face a forced decision before October 13, 2026: replace hardware, migrate to another OS, or accept the end of security coverage. Consumer groups are already pushing for a longer extension; Microsoft has not agreed to extend free consumer ESU beyond the single year.
• Microsoft Account requirement: users who deliberately avoid MSAs for privacy or preference reasons must now weigh that choice against receiving free security updates. Microsoft’s enrollment is explicitly account-bound; even paid ESU purchases initially require signing in with an MSA to enroll (after which some local-account scenarios may behave differently).
• No feature or technical support: ESU is security-only. If an enrolled PC experiences non-security bugs or needs driver/feature updates, ESU will not cover those fixes.

---

Security, privacy and trust: the trade-offs​

The Microsoft Account requirement is the central trade-off. For many users, a free MSA is a minor inconvenience; for others, it raises legitimate privacy and control concerns. Key considerations:

• Account binding makes license management simpler and allows Microsoft to enforce enrollment rules, but it also creates a single point of identity for the device that Microsoft can link to telemetry, update rollouts, and cloud services unless users take explicit privacy steps.
• The EU concession removes the need to use OneDrive backups for the free route, reducing the risk of forcing consumers into paid cloud storage, yet using an MSA still exposes customers to data-collection and cross-service linking unless they configure privacy settings.
• Because ESU is short and limited, the long-term risk remains: millions of devices could be left exposed after the October 2026 cutoff if upgrades or migrations are not completed. Consumer advocates correctly argue that one more year may be insufficient to avoid a wave of vulnerable systems.

Regulatory and civil-society pressure clearly moved the needle, but the solution is a compromise: Microsoft removed a tying mechanism in the EEA while keeping account-based enrollment as the gate. That trade-off reduces the immediate legal friction but leaves unresolved questions about long-term product lifecycles and sustainability.

---

Are government agencies satisfied?​

Official security agencies such as Germany’s Federal Office for Information Security (BSI) have repeatedly urged users to upgrade or migrate well ahead of the support cutoff because security updates are essential. The BSI has consistently warned that unsupported Windows 10 systems will be exposed to increasing risk and has encouraged users to prepare alternatives. While multiple news outlets reported that agencies welcomed Microsoft’s concession, an explicit, broadly distributed public endorsement from the BSI applauding the change is not readily found in agency press releases; public-facing advice from national security agencies continues to emphasize timely migration rather than relying on short ESU windows. Readers should treat any single-agency “welcome” phrasing with caution unless it appears in a direct statement from that agency.

---

The broader policy angle: precedent and pressure​

This episode illustrates a few important trends in the EU technology-policy landscape:

• Regulatory leverage matters: the combination of EU consumer protections and organized advocacy by groups like Euroconsumers can generate swift commercial changes in global products and services.
• Territorial divergence: companies operating globally increasingly adopt region-specific policies to comply with local rules or to defuse local legal pressure, creating different experiences for users in different markets. The EEA carve-out is a prime example.
• Short-term remedies vs. long-term design: consumer groups are pushing for longer lifecycle expectations and less forced obsolescence; one-year ESU is a stopgap that does not address hardware requirements for Windows 11 or broader sustainability concerns.

If Microsoft’s concession becomes a template, other vendors might face similar pressure to decouple core security access from uptake of ancillary services in jurisdictions with strong consumer protections.

---

A practical, step-by-step checklist for European home users​

• Confirm your device’s Windows 10 build: ESU applies to eligible installations (Windows 10 version 22H2 and required cumulative updates). If you’re on an older build, update now.
• Decide whether to use a Microsoft Account: enrolling in the no-cost EU ESU route requires signing into Windows with an MSA. Create a dedicated MSA if you prefer separation from your primary identity.
• Enroll via Settings → Update & Security → Windows Update: watch for the “Enroll now” or ESU enrollment prompt as Microsoft rolls the wizard out regionally. Enrollment is staged; if you don’t yet see it, check for updates again in a few days.
• Maintain a recent backup: even though the free EEA path may not require OneDrive backup, keep a local or external backup of your personal files before enrolling or making system changes. Backups protect you from failures unrelated to security patches.
• Plan for the long term: use the extra year to evaluate options — upgrade hardware to meet Windows 11 requirements, consider alternative OS choices, or migrate critical data and applications. Do not rely on ESU as a permanent fix.

---

Recommendations for privacy- and security-conscious users​

• Use a dedicated MSA with minimal linked data for ESU enrollment; configure privacy settings to limit telemetry and cross-service sharing.
• Enable local encryption (BitLocker or equivalent) and maintain regular external backups to reduce dependence on cloud services.
• If you run critical apps on aging hardware that cannot upgrade to Windows 11, prioritize testing alternative OSes (mainstream Linux distributions) in parallel to avoid last-minute migration risks.
• Businesses and pro users should not assume the consumer ESU route is appropriate — commercial ESU options and volume licensing terms differ and carry costs; plan accordingly.

---

Risks and unresolved questions​

• Microsoft’s regional concession does not alter the global ESU structure; non-EEA users remain subject to the previous conditions. That disparity raises fairness concerns and creates administrative complexity for users who move between regions.
• The one-year extension leaves open the possibility of a substantial population of unmaintained devices in the EU after October 13, 2026, unless further policy action or vendor changes occur. Consumer groups are already pushing for an extension; Microsoft has not committed to one.
• Public claims that national security agencies “welcomed” the move should be treated cautiously unless confirmed by direct statements from those agencies. Official cybersecurity guidance continues to emphasize migration away from unsupported systems.

---

Conclusion: a win — but a conditional one​

Microsoft’s adjustment to make one year of Windows 10 ESU free for private customers in the EEA is an immediate, measurable win for consumer rights in practice: it removes an access-forcing condition and spares many Europeans the immediate $30 outlay. The concession demonstrates the tangible impact organized consumer pressure and the EU regulatory environment can have on global tech firms’ policies.
At the same time, the resolution is partial. The free access is time-limited, still requires a Microsoft Account, and supplies security-only patches — not a long-term fix for millions of devices that cannot meet Windows 11’s hardware demands. Users should take the extra year seriously: enroll if appropriate, maintain backups, and use the breathing room to plan concrete upgrades or migrations. Regulators and consumer groups may press for more durable solutions, but for now the practical advice is clear: treat this concession as a one-year safety net, not as a license to defer migration indefinitely.

---

Bold action combined with careful planning will be required over the next 12 months: European consumers gained a reprieve, but the clock is ticking and the choices ahead remain substantive and irreversible for many older systems.

---

Source: Basic Tutorials Microsoft gives in: Windows updates continue to be free in Europe

 

[ChatGPT]

Microsoft has quietly carved out a regional lifeline for Windows 10 users: consumers in the European Economic Area (EEA) will be able to receive one additional year of Extended Security Updates (ESU) without the backup-and-OneDrive conditions Microsoft originally tied to the free path — a concession that follows pressure from European consumer groups and the requirements of the Digital Markets Act.

Background / Overview​

Microsoft set a clear end-of-support date for Windows 10: October 14, 2025. After that date, machines running consumer editions of Windows 10 will no longer receive routine feature updates, support, or standard security patches — unless users enroll in one of Microsoft’s Extended Security Updates (ESU) options.
In response to the impending cutoff, Microsoft introduced a consumer ESU program that provides eligible Windows 10 devices with critical and important security patches for one additional year — through October 13, 2026 — but under specific enrollment rules and technical prerequisites. Microsoft’s published guidance spells out three consumer enrollment routes: a free option tied to syncing PC settings with Windows Backup, a Microsoft Rewards points redemption option, or a one-time paid purchase (roughly $30 USD or local equivalent). The ESU license is linked to a Microsoft Account and may be used across multiple devices (Microsoft has set the consumer cap at up to ten eligible PCs per account).
What changed this week is an important regional exception: within the EEA Microsoft has agreed to remove the requirement that consumers enable Windows Backup (and therefore actively push files/settings to OneDrive) in order to access the free ESU path — a move consumer groups framed as necessary to comply with the EU’s Digital Markets Act (DMA) and related consumer-protection rules. Microsoft says it will update the enrollment flow in the EEA “to ensure it meets local expectations and delivers a secure, streamlined experience.”

---

What Microsoft is offering — clear facts every user needs​

• End of mainstream support for Windows 10: October 14, 2025. After that date, standard security and feature updates cease unless a device is enrolled in ESU.
• Consumer ESU coverage window: Enrolled devices will receive only security updates (no feature updates or general technical support) through October 13, 2026.
• Enrollment methods (global baseline):
• Free if you sync your PC settings using the Windows Backup experience linked to a Microsoft Account.
• Redeem 1,000 Microsoft Rewards points.
• Pay a one-time $30 USD (or local equivalent) license that covers up to 10 eligible devices tied to a single Microsoft Account.
• Technical prerequisites: The device must be running Windows 10, version 22H2 (Home, Pro, Pro Education, or Workstation editions) with the latest cumulative and servicing-stack updates installed before enrollment will appear. Administrator rights and a Microsoft Account are required to claim ESU.
• EEA exception: For consumer devices in the European Economic Area, Microsoft will allow a free ESU path without requiring the Windows Backup sync step — though a Microsoft Account is still required and the company has added a sign-in validation cadence in region-specific guidance (see risks and mechanics below).

---

Why the EEA exception happened — law, leverage, and the Digital Markets Act​

The EEA concession traces to pressure from Euroconsumers and other European consumer advocates who argued Microsoft’s initial ESU enrollment conditions — effectively tying the free option to enabling Windows Backup (and thereby nudging users toward OneDrive storage) — could contravene EU rules on fair market behaviour encapsulated in the Digital Markets Act (DMA). The DMA prohibits gatekeeper platforms from making essential services conditional in ways that steer users toward the platform’s own services, and regulators and consumer groups have used its leverage to compel changes from other tech giants in recent months.
Microsoft’s statement to press outlets acknowledges that the enrollment may vary by region and that the EEA flow will be updated to “meet local expectations and deliver a secure, streamlined experience.” That phrasing is significant: it signals Microsoft’s willingness to customize product policy where local regulation or intense consumer advocacy raises legal or reputational risks.

---

Enrollment mechanics and the real differences between EEA and non-EEA users​

The mechanics matter — and they differ depending on where your PC is located.

For non-EEA users (most of the world)​

• The free consumer ESU option requires enabling Windows Backup to sync PC settings to OneDrive and signing into a Microsoft Account; that sync is how Microsoft validates free eligibility.
• If you do not want to enable the sync path, you can either redeem 1,000 Microsoft Rewards points (no cash) or make the $30 one-time purchase and still receive ESU coverage.
• Enrollment is surfaced via a staged “Enroll now” option in Settings → Update & Security → Windows Update; rollout has been staggered and some users report the toggle isn’t visible yet.

For EEA (European Economic Area) users​

• Microsoft will offer a free ESU enrollment path without requiring the Windows Backup step — meaning users don’t have to be pushed into OneDrive backups to qualify for zero-cost security coverage.
• A Microsoft Account (MSA) is still required to enroll; Microsoft’s region-specific guidance also warns that the account must be used to sign in at least once every 60 days or ESU updates will be discontinued and the device will need to re-enroll. That 60-day cadence and the MSA requirement are material differences that affect privacy-conscious or offline users.

---

Who qualifies — eligibility check​

Before you attempt to enroll, verify all of the following:

• Your device runs Windows 10, version 22H2 (not older builds).
• All current cumulative updates and Servicing Stack Updates (SSUs) are installed.
• You have administrative rights on the device.
• The device is not (for the consumer ESU path) joined to Active Directory domains, Microsoft Entra / Azure AD, enrolled in MDM, in kiosk mode, or otherwise managed by an organization — those configurations are excluded from the consumer program.

If your device does not meet these criteria, your options are: upgrade the hardware where possible to Windows 11, replace the PC, or consider enterprise ESU or third-party security compensations (which carry their own costs and complexities).

---

Step-by-step: how to enroll (short, practical guide)​

• Confirm you are on Windows 10, version 22H2 and fully patched (use Settings → Update & Security → Windows Update to check).
• Sign into the PC with a Microsoft Account (if you haven’t got one, create a free MSA).
• Open Settings → Update & Security → Windows Update and look for the “Enroll now” or consumer ESU enrollment prompt.
• Choose an enrollment method:
• Free (sync PC settings with Windows Backup) — global; or EEA free option where available without backup.
• Redeem 1,000 Microsoft Rewards points.
• Make a one-time $30 purchase for a license that covers up to 10 eligible devices.
• After enrollment, confirm the device is listed as ESU-enrolled in Windows Update and verify that critical security updates begin to appear after October 14, 2025.

---

Strengths of Microsoft’s ESU approach — what’s positive​

• Safety valve for consumers: ESU creates a practical bridge for households with older but functional PCs that cannot meet Windows 11 hardware requirements.
• Multiple enrollment paths: The mix of a free path, rewards redemption, and a modest paid option gives consumers flexibility rather than forcing an all-or-nothing hardware upgrade.
• Device coverage cap is consumer-friendly: Allowing a single ESU license to cover up to ten PCs under one Microsoft Account is a meaningful concession for families or hobbyists with multiple older machines.
• Regulatory responsiveness: Microsoft’s EEA concession illustrates that consumer advocacy and law (notably the DMA) can produce concrete results — a useful precedent for regulators and users who insist on competition and non-discriminatory access to essential security.

---

Risks, trade-offs, and unanswered questions​

• Microsoft Account requirement remains: Even in the EEA, consumers must use an MSA to enroll. That means users who intentionally avoid cloud-linked accounts for privacy or policy reasons still face friction; the 60-day sign-in cadence adds ongoing constraints. This trade-off shifts the problem rather than removing it.
• No technical support or feature updates: ESU provides only security fixes classified as critical or important. Users should not expect performance or compatibility fixes, and many third-party apps and drivers will age without active testing on Windows 10.
• Staggered rollout and enrollment reliability: Reports show the enrollment wizard has been phased and in some cases briefly broken — users should expect inconsistent availability and to verify their patch status after enrolling.
• E-waste and upgrade pressure narratives: Claims that hundreds of millions of PCs will be discarded because of this transition should be viewed skeptically without corroborated market analysis. Broad figures circulating in commentary are difficult to verify and may conflate “at-risk” devices (unsupported, less secure) with actual consumer behavior and replacement cycles. Flagged: the headline figure of “400 million” PCs at risk requires independent sourcing and should be treated cautiously until validated.
• Geographic fairness and competitive pressure: While the EEA concession benefits European consumers, users elsewhere still face conditional free options. That geographic divergence may spur future regulatory action in other jurisdictions or motivate Microsoft to harmonize policy globally — but it also leaves many consumers outside Europe exposed to pay-or-sync trade-offs.

---

The privacy and business model angle: OneDrive, Microsoft Account and incentives​

Microsoft’s original free-ESU path appears to have been structured to nudge users into Windows Backup and OneDrive — steps that increase cloud engagement and have commercial upside for Microsoft if users exceed their free 5GB allocation. Consumer groups argued this looked like an unfair tie-in of a necessary security resource to a vendor’s ancillary service, which is exactly the type of practice the DMA aims to curb. The EEA agreement reduces that linkage but does not eliminate the Microsoft Account requirement. That means Microsoft still benefits from improved account attachment and device telemetry while addressing the explicit DMA concern about mandatory backup.
Privacy-conscious users should weigh the trade-offs: a short-term security win (ESU coverage) vs. the requirement to authenticate with a cloud identity and maintain occasional sign-ins. The choice is not purely technical — it’s increasingly a policy and values decision.

---

Security context: why ESU matters in practical terms​

Once mainstream security updates stop, unpatched vulnerabilities become a target-rich environment. Attackers rapidly adapt to exploit widely deployed software, and unsupported systems often compound risk by running outdated browsers, drivers, and third-party software. ESU mitigates some of that risk by delivering critical and important patches, giving households and small users breathing room to plan upgrades or replacements. The one-year ESU window is a pragmatic compromise for many — but it is only that: a temporary mitigation, not a permanent fix.
Important nuance: Microsoft has also committed to continued Edge browser updates across Windows 10 through later dates (Edge and WebView2 support timelines extend beyond the ESU window), which protects at least one major attack surface — the browser — for longer. Still, browser updates are not a substitute for operating-system-level security patches.

---

What consumers should do now — a practical checklist​

• Verify your PC’s Windows 10 build: must be 22H2 and fully updated. (Settings → System → About; Settings → Update & Security → Windows Update).
• Decide on your risk tolerance: if you plan to keep the PC past Oct 14, 2025, prepare to enroll in ESU or upgrade hardware to Windows 11.
• For EEA residents: watch for the region-specific enrollment flow and confirm whether the Windows Backup requirement has been lifted in your case; plan to sign in with your Microsoft Account at least once every 60 days to avoid enrollment lapse.
• Back up essential data independently of any enrollment step — local or cloud backups reduce the chance of data loss during any migration or reinstallation.
• If you prefer not to use a Microsoft Account, evaluate the paid $30 ESU license (you must still sign in to enroll), or plan an upgrade/replacement timeline.
• Monitor Windows Update after enrollment and verify that security updates are being delivered post-October 14, 2025.

---

Policy implications and the broader technology landscape​

Microsoft’s concession in the EEA is a clear example of how regional regulation (DMA) and consumer advocacy can reshape product policies. The change is not just about Windows 10 ESU — it signals to other global platforms that obligations under DMA-style rules can force operational changes that protect consumer choice and prevent conditioning essential services on ancillary product use. Regulators, consumer groups, and companies will watch closely to see whether this localized compliance becomes a template for other markets, or whether Microsoft will prefer a patchwork of regional policies.
At the same time, the scenario reveals tension between security, privacy, and business models. Asking consumers to tie security to a vendor account is practical for distribution and license management — but it raises questions about user autonomy and vendor leverage. The EEA resolution softens one aspect of that tension while leaving other trade-offs (account sign-in requirement, limited coverage period) intact.

---

Final analysis: who wins, who loses, and what to watch​

• Winners: European consumers who now can get one year of ESU without being forced into Windows Backup; consumer advocacy groups who used legal pressure to win a concrete concession; households with many older PCs who can defer expensive upgrades.
• Losers: Consumers outside the EEA who still face conditional free access or a modest fee; privacy-focused users who dislike Microsoft Account requirements; and those who hoped for a multi-year free ESU pathway.
• Watch next: Whether other jurisdictions adopt DMA-like rules or consumer groups elsewhere leverage this outcome to seek similar concessions; how Microsoft implements the EEA enrollment flow and whether the 60-day sign-in policy becomes a practical barrier; and any follow-up from Euroconsumers demanding longer consumer ESU beyond the one-year window.

Caveat on certain figures being circulated in the press and social channels: broad statistics about “400 million PCs” becoming obsolete or “a tsunami of e-waste” as a direct consequence of Microsoft’s policy change are not substantiated here and should be treated as assertions requiring independent verification. Those claims mix plausible risk scenarios with speculative market behavior and should not be used as a factual basis for individual decisions without corroboration.

---

Microsoft’s EEA concession is a narrowly tailored, legally informed adjustment that protects a subset of consumers while leaving the company’s broader global policy intact. For millions of households the concession buys time; for others it crystallizes new trade-offs between convenience, privacy, and platform lock-in. The practical advice is straightforward: confirm eligibility, enroll if you intend to keep running Windows 10 beyond October 14, 2025, and treat ESU as a temporary, defensive measure — not a permanent alternative to upgrading to a supported operating system.

---

---

Source: News18 Microsoft Offers Free Windows 10 Update Till 2026 But Only For These PC Users: Know Why