UK Windows 10 End of Support 2025: 21 Million at Risk and ESU Options

Millions of UK computer users now face a sharply increased cyber-risk as Microsoft withdraws free security updates for Windows 10 on 14 October 2025, and a new consumer survey suggests a significant portion of those users are planning to stay put. The consumer watchdog survey estimates about 21 million people in the UK still use a PC or laptop running Windows 10; roughly 26% of those respondents said they plan to continue running Windows 10 after updates stop — a number that translates to around 5.5 million people who will be exposed to any new vulnerabilities that arise after support ends. With official patches ending, households and small organisations that delay or ignore the transition will face elevated exposure to malware, ransomware and identity theft — and a wider set of economic and environmental consequences.

Background / Overview​

Microsoft’s lifecycle policy has long been the backbone of security for billions of Windows endpoints. In clear terms, end of support means that on 14 October 2025 Microsoft will stop providing security fixes, feature updates and technical support for Windows 10. Computers running Windows 10 will continue to operate, but they will no longer receive security patches that close newly discovered vulnerabilities.
Microsoft is offering a limited breathing space for some users through its Consumer Extended Security Updates (ESU) program: consumers can enroll to receive security updates for up to one additional year (through 13 October 2026) via a consumer enrollment path that includes a free option for some devices (by syncing PC settings to a Microsoft Account), a redemption of Microsoft Rewards points (1,000 points), or a one-time purchase (a modest fee in local currency equivalent to $30 USD for eligible devices). Businesses and larger customers have separate ESU purchasing options, with volume-licensing channels offering multi-year coverage at different price tiers.
The consumer watchdog’s survey (a nationally representative sample conducted in the months before the deadline) found:

• An estimated 21 million UK people still use Windows 10 on a laptop or desktop.
• 26% of these users intend to keep using Windows 10 after support ends.
• Approximately 39% planned to upgrade to Windows 11 on their existing device.
• 14% expected to buy a new machine.
• 6% said they would switch to an alternative OS such as Linux.

These figures make the problem more than academic: millions of endpoints will move from being actively maintained products to effectively legacy systems open to attack.

---

What “end of support” actually means for households​

When an operating system reaches end of support, the practical consequences are immediate and measurable:

• No new security patches: Newly discovered vulnerabilities will not be fixed on Windows 10. Over time, more vulnerabilities will be identified; with no patches, those gaps become reliable attack vectors.
• Increased malware and ransomware risk: Unsupported systems are a proven target for opportunistic criminals, who weaponize unpatched flaws.
• Compatibility and functionality drift: Third‑party software and drivers will eventually stop supporting the old OS, producing application errors and peripheral failures.
• Loss of vendor assistance: Microsoft customer support will no longer troubleshoot Windows 10 issues.
• Compliance and insurance exposure: For small businesses operating in regulated sectors, running unsupported software can complicate compliance and insurance claims if data is lost.
• Diminishing value for repairs and resale: The market for refurbishing and reselling obsolete, unsupported devices is likely to shrink, increasing the likelihood of disposal.

These are not theoretical outcomes; they mirror older end-of-life transitions (Windows XP, Windows 7) where unsupported platforms became conduits for large-scale compromise and operational disruption.

---

Why this is a UK problem worth worrying about (and why the 5 million figure matters)​

The oft-reported “5 million households at risk” headline is an understandable shorthand, but it deserves precision. The consumer survey estimated 21 million people actively use Windows 10 in the UK; 26% of that group indicated they would keep using it after the EoS date. That percentage equates to approximately 5.5 million people — a figure that headlines round down to “5 million.” Whether you read that as people, devices, or households, the scale is significant.
Why size matters:

• Attackers scale their campaigns; a pool of millions of unpatched machines becomes low-hanging fruit for automated malware and credential harvesting.
• A large base of compromised home devices can be leveraged in botnets that amplify attacks on critical infrastructure or businesses.
• The social and financial harms are concentrated among those least able to afford an upgrade — retirees, low-income households and people who use their older PCs for basic tasks like banking and email.

The result is a public‑interest problem: not only are individual users at risk, but wider digital ecosystems — banks, service providers, healthcare portals — also face amplified phishing and fraud attempts because legacy endpoints are easier to breach.

---

Microsoft’s options and the transition pathways​

Households and small offices have four primary options when faced with Windows 10 end of support:

• Upgrade to Windows 11 (free for eligible devices): Devices that meet Windows 11 hardware requirements (notably TPM 2.0, UEFI with Secure Boot, minimum 4 GB RAM and 64 GB storage, compatible processors) are eligible for a free upgrade. Microsoft offers a compatibility checker to verify eligibility.
• Enroll in Consumer ESU: Eligible Windows 10 devices can receive one additional year of security updates through 13 October 2026. Consumer enrollment options include syncing settings with a Microsoft Account (no additional charge for many devices), redeeming Microsoft Rewards points, or a one-time purchase (around the equivalent of $30 USD per device).
• Switch to an alternative OS: Install a mainstream Linux distribution or ChromeOS Flex on older hardware that cannot meet Windows 11 requirements. These can extend useful life for many machines, but require technical comfort and a willingness to change workflows.
• Buy a new PC: A direct path to continue receiving vendor support and security updates, but the most expensive route. Microsoft and retailers offer trade-in and recycling programs to mitigate the financial and environmental impact.

Each pathway has trade-offs. Upgrading to Windows 11 preserves Windows workflows and receives ongoing updates but requires compatible hardware. ESU buys time at modest consumer cost but is a stop-gap, not a long‑term solution. Switching to Linux or ChromeOS can rejuvenate old machines but has a learning curve and possible application compatibility issues. Buying new hardware gives the best security posture but imposes financial and environmental costs.

---

The hardware catch: why many PCs can’t simply be upgraded​

Windows 11’s system requirements are stricter than Windows 10’s longstanding minimums. The main sticking points for older machines are:

• TPM 2.0 (Trusted Platform Module) — a hardware-based security feature that many pre‑2016/2017 systems lack, or have disabled in firmware.
• UEFI with Secure Boot — some older BIOS-based systems don’t support these features.
• Processor compatibility lists — Microsoft limits supported CPUs to relatively recent families; some older but otherwise capable CPUs are excluded.
• Minimum RAM and storage thresholds (4 GB RAM, 64 GB storage) are less frequently an obstacle, but do matter on very old netbooks and refurb machines.

Because of these constraints, a substantial share of Windows 10 devices cannot take the direct upgrade route. Research firms have warned this incompatibility will increase e-waste and force users into one of the other pathways.

---

Environmental and economic ripple effects​

The end-of-support transition isn’t just a cybersecurity story — it’s an environmental and economic one too.

• Analysts estimate a non-trivial portion of the global installed base may be functionally orphaned by Windows 11 requirements, which could push working but unsupported devices toward disposal or low-value recycling.
• Refurbishers and resellers typically prefer devices that can be resold with a supported OS; unsupported devices lose market value faster.
• For households on tight budgets, the cost choice is stark: pay a small ESU fee, attempt a switch to Linux, or purchase a new machine.
• There is a social cost: the digital divide risks widening if lower-income groups disproportionately remain on unsupported systems.

This is an intersection of tech policy, sustainability and consumer protection — all factors small government agencies and consumer advocates highlighted when the deadline drew near.

---

Risks and threats households should understand now​

• Zero‑day exploitation becomes permanent exposure
  New vulnerabilities discovered after support ends will remain unpatched on Windows 10. Over time, attackers will probe and weaponize these gaps.
• Phishing and credential theft
  Unsupported machines may run outdated browsers or plugins and are often targeted by phishing campaigns designed to capture banking credentials.
• Ransomware
  Home and small-business devices are attractive ransomware targets; unpatched security holes increase the chance of a successful infection that encrypts personal files.
• False sense of protection
  Many users believe antivirus alone is sufficient. While antivirus helps, it cannot fully compensate for missing OS-level patches.
• Scams exploiting confusion
  The transition window creates scams — fraudulent “support” calls, fake installers, or bogus upgrade services that either steal money or install malware. Users who are suddenly prompted to pay for upgrades or receive unsolicited support offers should be cautious.
• Data loss from hardware replacement
  Users who buy new machines under time pressure risk inadequate backups and data migration errors.

---

Practical checklist for households (step‑by‑step)​

• Check whether your PC is eligible for Windows 11
• Run the official compatibility tool (PC Health Check) or check manufacturer guidance in UEFI/BIOS. If eligible, plan your upgrade.
• Backup everything before you change anything
• Use built-in backup tools or an external drive / cloud backup. Verify backups are restorable.
• Enable firmware security features if available
• Enter your PC’s UEFI/BIOS and enable TPM 2.0 and Secure Boot if the hardware supports them. This may be enough to qualify for an upgrade.
• If your device is incompatible, evaluate ESU, Linux, or a new purchase
• Consumer ESU offers a one‑year mitigation window; Linux/ChromeOS Flex may keep older hardware useful at zero or low cost. Buying new hardware provides the best long-term security.
• Avoid risky shortcuts
• Don’t use unofficial scripts or “registry hacks” to bypass requirements; unsupported hacks may leave your machine unstable and without guaranteed updates.
• Harden online accounts
• Enable two‑factor authentication (2FA) on email, banking and social accounts. This reduces the damage from compromised devices.
• Keep applications and browsers up to date
• Some third‑party vendors may continue to support older Windows versions longer than Microsoft does, but this is not a substitute for OS support.
• Learn to spot scams
• Beware of unsolicited calls or pop-ups claiming your PC is infected and asking for payment or remote access.

---

Cost and value: ESU versus upgrade or replacement​

• Consumer ESU: a low-cost, short-term mitigation (consumer enrollment options include a free route for some devices, rewards points, or a small one-time fee). It buys time but not a permanent cure.
• Business ESU: priced substantially higher, often used as a last resort in enterprise environments; pricing is tiered and typically rises each year.
• Upgrading hardware: trade-in programs, seasonal discounts and refurbished certified devices can reduce costs. However, a full hardware refresh remains the most expensive option.
• Switching to Linux or ChromeOS Flex: often zero-cost for the OS itself, but may require learning time and verification that essential apps (e.g., certain proprietary finance or creative tools) either have Linux versions or acceptable web alternatives.

Households should quantify the total cost of ownership for each route: short-term ESU cost + ongoing risk vs one-time replacement vs migration effort for an alternative OS. For many, the ESU path is the most pragmatic immediate step — provided users adopt it with a plan for longer-term migration.

---

Strengths of the current approach — and where it falls short​

Strengths:

• Microsoft provides a consumer ESU route, which is a pragmatic step to give households breathing room.
• Free upgrade for eligible devices preserves continuity for many users.
• Clear end-of-support dates allow consumers and organisations to plan.

Shortcomings and risks:

• Hardware barriers: stringent Windows 11 requirements exclude many otherwise usable devices, creating real affordability and sustainability problems.
• Information gaps: a sizable portion of users are unaware or indifferent to the timeline; the survey’s finding that a quarter plan to stay is an alarming symptom of both complacency and confusion.
• Environmental cost: the estimated scale of devices rendered economically obsolete will increase e-waste unless circular solutions scale quickly.
• Scam and fraud risk during the transition is high; vulnerable users may fall prey to fake “upgrade” services.

---

A pragmatic roadmap for community and policymakers​

• Consumer education at scale: public awareness campaigns should focus on simple, actionable steps (backup, check compatibility, avoid scams).
• Support for low-income households: discount programs, device subsidies or community refurb programs can reduce the digital inequality created by the transition.
• Boost circular economy measures: expand certified refurbishment and trade-in channels to keep usable hardware out of landfill.
• Stronger scam protections: banks, ISPs and retailers should coordinate to flag and block likely social engineering attempts tied to the EoS event.
• Local support clinics: libraries, community centers and councils could host drop-in sessions to help people enable TPM, backup data and upgrade safely.

---

Final assessment and recommendations​

The imminent end of Windows 10 support is a predictable milestone with predictable consequences, but its impact is amplified by human behavior: procrastination, cost sensitivity and inconsistent technical literacy. The consumer survey’s headline — that roughly a quarter of Windows 10 users plan to continue using an unsupported OS — should be read as a public‑policy signal.
For households the advice is straightforward and urgent:

• Treat 14 October 2025 as a hard deadline for action.
• If you can upgrade to Windows 11 without buying new hardware, do so after backing up your data.
• If you cannot upgrade, enroll in the consumer ESU to buy time while you plan a permanent migration.
• If budget is a constraint, evaluate ChromeOS Flex or a mainstream Linux distribution to keep your device functional.
• Harden your online accounts and use strong, unique passwords + 2FA.
• Beware of scams and never grant remote access to callers claiming to be “support”.

The situation is manageable if tackled early. The real hazard arises when millions of people postpone action — then attackers and the tech market will simply force the hand of individuals in more costly and riskier ways. The window to make a measured, secure and sustainable choice is closing; households and small organisations should use the remaining time to pick the route that balances security, cost and environmental responsibility.

---

Source: One News Page 5 million of UK households risk cyber-attacks as Windows 10 updates end