Windows 10 End of Free Security Updates: ESU Equity and E Waste

Microsoft’s decision to end free security updates for Windows 10 on October 14, 2025 has ignited a broad public campaign calling for an extension of free support — a movement driven by consumer groups, repair shops, libraries, elected officials and hundreds of small businesses worried about security, equity, and the environmental cost of forced device replacement.

Background​

Windows 10’s end-of-support date — October 14, 2025 — is now fixed in Microsoft’s lifecycle calendar. After that date, Microsoft will no longer provide free security updates, feature updates, or general technical support for Windows 10. To help bridge the gap, Microsoft has made a one-year Extended Security Updates (ESU) program available to consumers and organizations, but the program carries conditions and, outside certain regions, a fee. The ESU window runs from October 15, 2025 through October 13, 2026 for enrolled consumer devices, while Microsoft has also announced continued security coverage for Microsoft 365 apps on Windows 10 for a period beyond that (with a specified separate end date in Microsoft documentation).
Public-interest groups and local repair networks have responded by urging Microsoft to extend free Windows 10 security updates globally. Their arguments center on three linked concerns: security of hundreds of millions of devices, the financial and social burden of forced hardware replacement, and the environmental consequences of producing and dumping millions of still-functional PCs.

Why this matters now​

• Security cliff: When mainstream security updates stop, systems become vulnerable to newly discovered exploits. Many critical enterprise services and consumer activities still rely on Windows 10 systems.
• Upgrade eligibility gap: A significant share of Windows 10 devices cannot meet Windows 11’s hardware requirements and therefore cannot upgrade without buying new hardware.
• Environmental impact: Estimates circulated by advocacy groups and analysts suggest the end of support could drive large volumes of electronics to recycling streams or landfill, with a substantial aggregate weight measured in hundreds of millions or even billions of pounds — a figure that depends heavily on assumptions about device mix and replacement behavior.
• Equity and access: Low-income households, small businesses, public libraries and community organizations are disproportionately affected; many cannot afford new hardware or subscription-based security extensions.

Overview of the claims and what verification shows​

Advocacy materials and press coverage have emphasized a few headline figures that are worth unpacking carefully.

• Claim: “As many as 400 million computers that use Windows 10 are at risk of losing free security and other updates.”
  Verification: Independent industry analyses and press reporting have repeatedly used ballpark figures in the hundreds of millions when describing devices still on Windows 10 and those that cannot readily upgrade to Windows 11. The precise number varies by methodology (global telemetry, installed base estimates, market-share measures). Treat the 400 million figure as a widely reported estimate rather than a precise census.
• Claim: “Around 43% of all computers running Windows 10 will not be able to move to Windows 11.”
  Verification: Several IT asset surveys — performed on millions of devices by independent vendors — have shown that roughly four in ten PCs in their samples fail one or more of Windows 11’s minimum requirements (CPU model lists, TPM 2.0, RAM and storage thresholds). That 43% figure maps to published survey results but depends on the sample and date. It is a credible, repeated estimate in public reporting, though not a definitive global percentage.
• Claim: “This will translate to 1.6 billion pounds of e-waste.”
  Verification: The e-waste estimate originates from environmental advocacy calculations that convert an assumed number of replaced devices into aggregate weight. These figures depend on device-type assumptions (laptop vs. desktop shares), replacement rates, and whether devices are recycled, refurbished or thrown away. The 1.6 billion pounds number is an estimate made public by environmental groups and quoted by media; it is plausible under certain assumptions but not directly measurable today. It should be treated as an illustrative projection, not a confirmed outcome.

Where numbers vary, the important point is not the single figure chosen but the scale and direction: tens or hundreds of millions of devices remain on Windows 10; a substantial share of those cannot upgrade to Windows 11 under current hardware rules; and large-scale device replacement would create measurable environmental and social impacts.

---

Technical context: why many Windows 10 PCs can’t run Windows 11​

Windows 11 introduced hardware requirements that differ significantly from Windows 10’s permissive baseline. The key technical hurdles for many older machines are:

• TPM 2.0 requirement: Trusted Platform Module 2.0 is used for device-based cryptographic operations and is a cornerstone of modern Windows security features (BitLocker keys, measured boot, virtualization-based security). Many pre‑2016 systems lack TPM 2.0.
• Processor model and age limitations: Microsoft maintains lists of supported CPUs for Windows 11; older generation processors are excluded even if they can technically run the OS.
• 64-bit only and RAM/storage minimums: Windows 11 requires a 64-bit CPU architecture and a minimum system RAM and storage baseline that excludes some older entry-level machines.
• Secure Boot and firmware expectations: UEFI Secure Boot and other platform features are expected to be present or enabled on supported hardware.

These requirements are defended by Microsoft as essential to enable hardware-backed security features and a modern baseline for Microsoft’s long-term OS roadmap. However, they create a binary outcome for upgrade eligibility: either a device meets the list, or it is blocked from an official upgrade path unless hardware changes are made.

Practical upgrade options for blocked systems​

• Some devices can be made compatible by enabling TPM or Secure Boot in firmware settings, or by updating BIOS/UEFI — but not all vendors exposed those options or provided firmware that meets the Windows 11 validation list.
• In a minority of cases, hardware components (motherboard/CPU) can be upgraded — a complex, sometimes cost‑ineffective repair.
• Alternative paths include switching to a different OS (Linux distributions, ChromeOS Flex), using virtualization or cloud desktop services, or enrolling in the Extended Security Updates (ESU) program for a limited time.

---

Microsoft’s response: Extended Security Updates and regional carve-outs​

Microsoft has offered a consumer-focused ESU program to provide security-only updates for a one‑year bridge period after free support ends. Key technical and policy points about ESU:

• ESU provides security updates only (no new features, no full technical support).
• Enrollment options may include a Microsoft account sign-in and, in many regions, a one‑time fee or Microsoft Rewards redemption for the enrollment option to maintain a local account. Specific parameters can vary by geography.
• Microsoft announced an adjustment to provide free ESU access in the European Economic Area (EEA) for the one‑year window without requiring the previous enrollment conditions; that region-specific change reflects regulatory and advocacy pressure.
• ESU is time-limited; it is a bridge, not a permanent solution.

The ESU program reduces the immediate security cliff but introduces friction and potential privacy trade-offs (requirement to tie devices to a Microsoft account) for those seeking continued updates without hardware replacement.

---

Security and operational consequences​

Stopping free security updates for a widely deployed desktop OS creates several operational realities:

• Heightened vulnerability exposure: Unsupported systems remain functional but stop receiving patches for newly discovered vulnerabilities, increasing the risk of compromise over time.
• Mixed estate risk: Organizations that cannot standardize on a supported platform face the difficulty of managing a mixed fleet — some protected, some not — which complicates patch management, compliance, insurance and incident response.
• Short-term mitigation: ESU enrollment or moving affected workloads to virtualized/cloud-hosted Windows instances can reduce risk, but at added cost and complexity.

For small businesses, libraries, schools and nonprofits — groups with limited IT budgets — the options are constrained: pay ESU, buy new hardware, transition to Linux or ChromeOS, or accept growing risk.

---

Environmental impact: e-waste, recycling, and hidden costs​

Replacing large numbers of still-functional PCs creates avoidable environmental pressures. Key considerations include:

• Volume: Estimates of millions of devices being retired vary by study; whether you use a conservative or aggressive replacement assumption, the aggregate weight of retired devices is large.
• Recycling realities: A substantial percentage of e-waste in many countries is not recycled properly. Valuable metals and hazardous materials can either be reclaimed or leak into landfills depending on the recycling infrastructure.
• Resource cost and carbon footprint: Manufacturing new laptops and desktops consumes raw materials and energy — extracting, refining and shipping those materials carries a carbon and resource cost often ignored in upgrade decision-making.
• Refurbishment potential: Many incompatible devices remain serviceable for everyday tasks and could be refurbished and redistributed if market incentives and recycling channels support that lifecycle extension.

Environmental advocates argue that software end-of-life policies should factor device longevity and circular-economy goals into product stewardship and support decisions. Pushing functional devices into obsolescence through software policy creates a disconnect between product lifespan and manufacturer/OS lifecycle.

---

Equity and policy concerns​

The regional variation in Microsoft’s ESU policy (e.g., a free ESU path in the EEA) raises equity questions:

• Digital divide: Low-income households and under-funded public institutions are less able to absorb hardware replacement costs. A global patch disparity would create a two-tiered digital safety landscape.
• Privacy trade-offs: Requiring a Microsoft account to access free updates (or imposing other conditions) raises privacy and autonomy concerns, especially for those who prefer local accounts for legitimate reasons.
• Regulatory pressures: Consumer protection groups and regional regulators have successfully influenced Microsoft’s carve-outs; continued oversight and advocacy could shape future decisions on lifecycle support and right-to-repair principles.

The broader policy debate touches on whether major platform vendors have a responsibility to align software lifecycles with realistic device longevity and whether regulators should mandate minimum support windows or recycling and trade-in obligations.

---

What affected users and IT managers should do now​

The approaching deadline leaves only a short window for planning. Recommended actions:

• Inventory and audit
• Identify all endpoints running Windows 10.
• Categorize devices by role (business-critical, general-purpose, kiosk, specialized hardware), upgrade eligibility, and owner.
• Check upgrade eligibility
• For each device, verify whether it meets Windows 11 minimum requirements (TPM 2.0, processor list, RAM/storage, UEFI settings).
• Where possible, test enabling TPM/Secure Boot and BIOS updates from the vendor.
• Prioritize by risk and function
• High-risk, externally facing systems should be upgraded or placed on an ESU plan first.
• Legacy devices used for low-sensitivity tasks may be repurposed with a lightweight Linux distro to extend lifetime without Windows security patches.
• Evaluate ESU enrollment vs. replacement costs
• Compare the one‑year ESU cost (and the operational cost of Microsoft account management) to the hardware refresh cost and to migration options like Chromebooks or Linux.
• Plan data protection and backups
• Back up critical data and verify restore procedures before initiating mass upgrades or migrations.
• Consider encryption and secure data sanitization policies for retired devices.
• Use trade-in, refurbishment and recycling channels
• Where replacement is necessary, pursue vendor trade-ins, certified refurbishment programs, or accredited recycling to minimize environmental impact.
• Communicate and train
• For organizations, prepare staff and users for forthcoming changes: migration timelines, training on new OS behavior, and security best practices.

---

Alternatives and mitigation strategies​

• Switch to Linux distributions: Many older PCs that cannot run Windows 11 can run modern Linux distributions effectively, extending device usefulness for web, office and education tasks.
• ChromeOS Flex: Google’s ChromeOS Flex targets device repurposing but sacrifices some Windows application compatibility.
• Cloud/virtual desktops: Using Cloud PC, Windows 365 or VDI approaches can centralize OS management and keep endpoints thin and secure.
• Refurbish and donate: Nonprofits and educational programs often welcome refurbished devices; ensure data is properly wiped and hardware meets recipient needs.

Each option comes with trade-offs: training, app compatibility, user experience and long‑term maintenance.

---

Critical analysis: Microsoft’s security rationale vs. the public interest​

Microsoft’s platform argument is consistent: security at scale requires a modern baseline of hardware features and firmware protections. TPM 2.0 and processor vetting enable new defense mechanisms that are meaningful against modern threats. From a security engineering standpoint, raising the bar can reduce the attack surface and enable capabilities that older hardware cannot deliver.
However, the social and environmental implications of a hard cutoff — and a regionally inconsistent ESU policy — are significant. Strengths and risks include:

• Strengths
• Improved baseline security for supported devices.
• Clear lifecycle timeline helps enterprise procurement planning.
• ESU provides a limited transition path, and the EEA carve-out shows responsiveness to regulatory pressure.
• Risks and weaknesses
• A one-year paid or conditioned ESU is insufficient for populations that cannot upgrade quickly.
• Requiring Microsoft account linkage for ESU enrollment raises privacy concerns and reduces autonomy for local-account users.
• The environmental externalities — e-waste, resource use, recycling capacity — are not resolved by an OS vendor’s decision alone.
• Regional carve-outs create geographic inequities in digital protection.

The decision looks like an engineering-first one, with economic and environmental consequences that require public-policy interventions and vendor collaboration with recyclers, refurbishers and public-interest groups to mitigate.

---

The role of regulators, advocacy groups and local communities​

Consumer-rights groups, repair advocates and local governments have an important role to play:

• Pressuring vendors to provide longer, unconditional security support for widely deployed platforms.
• Pushing for manufacturer takeback, extended producer responsibility, and trade-in incentives that reduce the net e-waste outcome.
• Supporting libraries, community centers and nonprofits with grants or curated refurbishment pipelines.
• Clarifying privacy and consent rules for enrollment schemes that require account linkages.

Regulatory tools — consumer protection laws, digital markets regulation, and e-waste directives — can shape vendor behavior. The precedent of a regionally free ESU indicates advocacy and regulation can move the needle.

---

Conclusion: a pragmatic way forward​

The Windows 10 end-of-support moment is a test of how software lifecycles intersect with social responsibility. The technical case for Windows 11’s stricter hardware baseline is strong, but it collides with the reality of millions of functioning devices that are not upgradeable. A balanced path requires:

• Practical short-term mitigation: clear, affordable ESU access globally or generous carve-outs; robust trade-in and refurbishment incentives; official guidance for secure migration paths.
• Medium-term policy fixes: longer minimum support windows for widely sold OS versions, or predictable lifecycle warranties when hardware is marketed with bundled software.
• Long-term systems change: design-to-last hardware, better repairability, and circular-economy business models that align vendor incentives with device longevity.

For IT managers, small businesses, libraries and households, the immediate imperative is to audit, prioritize and act — enroll in appropriate bridge programs where needed, pursue refurbishment or OS alternatives where cost-effective, and use responsible recycling channels when replacement is unavoidable.
The coming weeks will determine whether this transition is managed as a security upgrade or becomes a broader social and environmental challenge. The choices made by vendors, regulators and communities now will echo through how modern computing hardware is used, shared and retired for years to come.

---

Source: PIRG Microsoft: Don’t end free support for Windows 10