Windows 10 End of Support 2025: Kaspersky Telemetry Urges Windows 11 Migration

Kaspersky’s telemetry snapshot lands like a warning siren: in their sampled dataset just weeks before Microsoft’s cut-off, roughly 53% of monitored devices were still running Windows 10, only 33% had migrated to Windows 11, and a measurable tail — about 8.5% — remained on Windows 7, while corporate endpoints skewed even older with nearly 59.5% of corporate devices on Windows 10. (kaspersky.com)

Background / Overview​

Microsoft’s official lifecycle calendar is unambiguous: Windows 10 reaches end of support on October 14, 2025. After that date Microsoft will no longer provide routine security updates, quality updates or standard technical support for Windows 10 editions unless you are enrolled in Extended Security Updates (ESU) or use other supported workarounds. This fixture in the calendar is the practical deadline that makes the Kaspersky figures urgent rather than academic. (support.microsoft.com)
Kaspersky’s press release — based on anonymized metadata from consenting devices in the Kaspersky Security Network (KSN) — gives one picture of the installed base; independent market trackers and enterprise-readiness studies give others. Together, these sources produce a nuanced but firm conclusion: migration to Windows 11 is well underway but far from complete, and many systems important to both consumers and businesses will enter a higher risk state once vendor updates stop. (kaspersky.com)

---

What Kaspersky actually reported​

The headline numbers (telemetry snapshot)​

• 53% of devices in Kaspersky’s sample were running Windows 10. (kaspersky.com)
• 33% of devices had moved to Windows 11. (kaspersky.com)
• 8.5% were still on Windows 7 (an OS unsupported since 2020). (kaspersky.com)
• Among business audiences, 59.5% of corporate devices ran Windows 10; 51% for small business. (kaspersky.com)

Kaspersky’s Security Expert Oleg Gorobets framed the risk plainly: a system not receiving security updates is like “a house with a rotting fence which can be knocked down with just a single kick,” and for corporate IT the OS must be prioritized as the business-critical layer to keep current. (kaspersky.com)

Regional figures and secondary reporting​

Some regional outlets and local summaries have published regional breakdowns (for example, Africa and the Middle East figures appearing in regional press), but those numbers are not presented in the global Kaspersky press release page; they are reported by secondary outlets that cite Kaspersky or use local KSN slices. Treat regional percentages as indicative but subject to verification against the primary Kaspersky regional pages or raw data requests.

---

How to interpret these numbers: telemetry, trackers, and sampling bias​

Not all usage data is created equal. There are three major families of measurement, and each answers a different question:

• Security-vendor telemetry (Kaspersky, ESET, etc.) — reflects the installed base where that vendor is active and where users consent to telemetry. It’s strong for endpoint-level security posture analysis, but it can be biased by regional market share and customer types. (kaspersky.com)
• Web-analytics trackers (StatCounter, similar services) — derive OS share from pageviews and user-agent strings. They reflect web activity and sampling that favors regions, devices, or demographics with higher browsing rates. StatCounter snapshots in mid‑2025 show Windows 11 approaching parity or leading in some months (figures fluctuate week to week). (thurrott.com)
• Vendor / OEM and enterprise inventories — those are the ground truth for a given organization but do not represent global populations.

Because Kaspersky’s numbers come from a security vendor’s telemetry pool, they are a reliable indicator of risk within the population they protect, but they are not — by themselves — a neutral global census. When Kaspersky warns that over half of devices in its telemetry remain on Windows 10, the operational meaning is clear: in environments where Kaspersky is installed, a large share of endpoints will be unsupported after October 14, 2025. Use that as a risk signal, then reconcile it with your own inventories and other market trackers. (kaspersky.com)

---

Independent corroboration: what other trackers and studies show​

Multiple reputable trackers and industry studies corroborate the central message (large Windows 10 population, uneven upgrade pace), even if the exact shares vary:

• StatCounter/market trackers: July–August 2025 snapshots showed Windows 11 moving ahead or close to parity, with Windows 10 still holding a substantial global share depending on the measurement window; monthly fluctuations are normal. (thurrott.com)
• ControlUp Windows 11 Readiness study (enterprise readiness): found that a significant share of enterprise endpoints were still to be migrated (ControlUp reported around 50% enterprise endpoints not yet fully migrated in mid‑2025 in one public study), highlighting gaps in corporate readiness. (controlup.com)
• PC maker commentary: OEMs (HP, Dell) and industry analysts publicly warned that migration would extend into 2026 for many customers due to hardware lifecycles, budget cycles, and compatibility testing. Those statements align with the telemetry-driven risk picture. (windowscentral.com)

The upshot: different measurement lenses tell variant stories, but none contradict the key risk: a non-trivial portion of PCs — especially in business environments — were still on Windows 10 as Microsoft’s EOL date approached. (kaspersky.com)

---

Why staying on Windows 10 after October 14, 2025 is risky​

• Security updates stop. New vulnerabilities will no longer be fixed by Microsoft for unsupported builds, leaving unpatched holes open for exploitation. Historical precedent shows attackers rapidly weaponize unpatched flaws once vendor patches cease. (support.microsoft.com)
• Software and driver compatibility declines. Vendors typically prioritize newer, supported OSes for compatibility and driver updates; staying on an EOL OS can break newer applications or device drivers. (microsoft.com)
• Compliance and insurance exposure. Regulatory frameworks and cyber insurance policies often require supported software and timely patching as part of baseline controls; running EOL software can trigger compliance and coverage issues. (This is consistent with risk guidance repeatedly issued by national cybersecurity agencies.)
• Operational fragmentation. Mixed OS estates complicate patching, endpoint management, and incident response — increasing operational overhead and the odds of misconfiguration.

Kaspersky’s blunt advice is mirrored by industry analysts: the cyber risk from leaving systems unsupported outweighs short-term convenience or perceived minor feature gaps between Win10 and Win11. (kaspersky.com)

---

Corporate risk: why enterprises should treat the OS as a priority​

• Enterprise endpoints often host mission‑critical line-of-business apps and bespoke integrations that require quality assurance. That makes migrations complex and time-consuming; it’s also why many enterprises lag behind consumer adoption.
• However, the longer these endpoints run unsupported systems, the greater the potential for a single exploit to cascade into large-scale incidents (data breaches, ransomware, production outages).
• For security and IT leadership, practical priorities are: inventory accuracy, classification of critical endpoints, prioritized remediation, and measured use of ESU as a temporary bridge — not a long-term solution. (kaspersky.com)

---

What to do now — a practical migration and mitigation playbook​

The following is a prioritized, actionable plan for IT teams and informed consumers. Numbers are presented as a tactical sequence.

• Inventory and classify (days 0–3)
• Use endpoint management tools to generate a complete list of devices, OS versions, BIOS/UEFI versions, TPM presence, and CPU family.
• Tag devices by business criticality and exposure (remote workers, public internet-facing, high-privilege users).
• Triage by risk (days 3–7)
• High-risk devices (execs, domain controllers, internet-facing systems) — prioritize for immediate upgrade or isolation.
• Medium-risk (office desktops with limited external exposure) — schedule migration windows.
• Low-risk/legacy (lab machines, test benches) — plan decommission or segregation.
• Assess upgrade eligibility and compatibility (days 7–21)
• Run Microsoft’s PC Health Check or vendor readiness tools to determine which devices can take Windows 11 in-place.
• Validate line-of-business application compatibility in a test/pilot environment.
• Pilot rollout and rollback plan (days 14–60)
• Start with a controlled pilot on representative hardware.
• Document rollback steps and snapshot backups (image + file backup).
• Scale upgrades, prioritize replacements (weeks 6–24)
• For incompatible devices where replacement is required, align refresh budgets and procurement windows.
• Consider phased rollout by department to spread costs.
• Use ESU only as a bridge (as required)
• Enroll mission-critical devices in ESU if required to buy time for phased migration; plan for ESU costs and note ESU is a short-term stopgap. (microsoft.com)
• Hardening and compensations for remaining Windows 10 devices
• Apply network segmentation, restrict admin privileges, enforce MFA, tighten firewall rules, and use modern EDR/XDR solutions.
• Implement application allow‑listing, exploit mitigation technologies (VBS, HVCI where available), and increased logging and monitoring. Kaspersky and peers recommend layered protection — but stress that tools are complementary, not a substitute for OS updates. (kaspersky.com)
• Consider alternatives for final-mile cases
• Cloud-hosted Windows (Windows 365 / Cloud PC) can deliver a supported Windows 11 experience without wholesale device replacement for certain user profiles.
• For some older consumer machines, ChromeOS Flex or a lightweight Linux distro may be viable, lower-cost options to extend hardware life safely. (windowsforum.com)

---

Consumer guidance: a short checklist​

• Check whether your device is eligible for Windows 11 with PC Health Check. (thurrott.com)
• Back up critical data before any OS change (cloud + local image).
• If eligible, upgrade following vendor guidance; if not, consider Cloud PC, ESU enrollment options, or replacement. (microsoft.com)

---

Practical cost and procurement realities​

• Hardware eligibility: Windows 11’s baseline (TPM 2.0, UEFI Secure Boot, supported CPU generations) leaves a portion of older desktops and laptops non-upgradable without hardware change, which means capital expenditure for replacements. (microsoft.com)
• ESU pricing and duration: Microsoft’s consumer ESU options include limited one-year paths and enterprise ESU is priced and structured in yearly tranches through 2028 for paying customers; ESU is intentionally temporary and escalates in cost for enterprises. Budget for ESU only when it’s part of a planned, time‑limited migration strategy. (microsoft.com)
• Procurement cycles: large fleets are typically refreshed across quarters or fiscal years; starting procurement conversations now reduces supply‑chain friction and avoids rushed purchases at premium pricing. OEMs have publicly stated migration conversations and refresh cycles will run into 2026. (windowscentral.com)

---

Technical mitigations if you must operate on Windows 10 post-EOL​

If migration before October 14, 2025 is impossible for some systems, harden and isolate:

• Enroll qualifying machines in ESU where possible (consumer or enterprise routes). (microsoft.com)
• Move unsupported but essential workloads into isolated VLANs or jump-host models.
• Increase logging, retention, and proactive threat-hunting on high-risk endpoints.
• Implement application allow‑listing, host-based intrusion prevention, and exploit mitigation layers (sandboxing, virtualization-based security).
• Ensure third-party vendors and device drivers are supported and maintain supported configurations where available.

Kaspersky specifically recommends exploit-prevention-enabled endpoint solutions and advising businesses to test updates before company-wide deployment to avoid disruption while staying secure. (kaspersky.com)

---

Strengths and limitations of Kaspersky’s report — critical analysis​

Strengths:

• Kaspersky’s dataset is endpoint-level telemetry with good visibility into installed OS versions for devices protected by its products, making it highly relevant for security posture assessments within that population. (kaspersky.com)
• The report issues a clear, actionable security warning and practical product recommendations for mitigation. (kaspersky.com)

Limitations and risks:

• Sampling bias: KSN telemetry reflects consenting devices where Kaspersky is installed; it may over- or under-represent certain regions, sectors, or device classes. Extrapolating KSN figures to a global installed base without adjustment can mislead planning. (kaspersky.com)
• Snapshot nature: market shares shift rapidly—weekly StatCounter numbers fluctuated in mid‑2025—so Kaspersky’s numbers are a time‑bounded snapshot, not a continuously representative census. (pcworld.com)
• Regional granularity: some reported regional percentages in secondary outlets are useful, but these must be validated against Kaspersky’s regional pages or original telemetry exports before being used for procurement or compliance decisions.

Overall, Kaspersky’s findings are a credible operational warning but should be combined with your own inventories and other market trackers to form migration plans. (kaspersky.com)

---

Final assessment and clear recommendations​

• Treat October 14, 2025 as a pivot: systems not updated or covered by ESU will enter a higher risk posture. Microsoft’s lifecycle page documents the date and ESU options. (support.microsoft.com)
• Use Kaspersky’s telemetry as a red flag — particularly if you are a Kaspersky customer — and reconcile its findings with your in-house inventory and other public trackers (StatCounter, ControlUp) before finalizing budgets and timelines. (kaspersky.com)
• For organizations: inventory now, triage critical assets, pilot Windows 11 upgrades, budget for replacements where hardware is incompatible, and use ESU only as a temporary bridge. Harden all remaining Windows 10 machines while you migrate. (microsoft.com)
• For consumers: check upgrade eligibility, back up data, and either upgrade to Windows 11 where possible or enroll in the available consumer ESU options if you need more time. Consider Cloud PC or OS alternatives for older machines that cannot be upgraded economically. (microsoft.com)
• Do not rely on endpoint protection alone. Layered defenses reduce risk but cannot substitute for vendor security updates to the OS kernel and core components. Kaspersky and independent guidance converge on this point. (kaspersky.com)

---

Microsoft’s fixed deadline, Kaspersky’s telemetry-based warning, and independent market trackers together create a clear picture: migration is necessary, manageable if planned, and costly or chaotic if deferred. The next few months are the final window to convert strategy into action — inventory, triage, and begin migrations now to avoid entering a security posture built on unsupported foundations.

---

Source: مجلة أرقام Kaspersky: More than half of PCs are still operating Windows 10 OS