Windows 10 End of Support 2025: Plan Your Migration with TeamViewer DEX

TeamViewer’s analysis that “two in five” supported endpoints still run Windows 10 is a blunt reminder that Microsoft’s October 14, 2025 support cutoff isn’t an abstract calendar event — it is a practical inflection point for security, compliance and IT operations worldwide. The study (reported in regional press) says more than 40% of endpoints connected to TeamViewer during July–September 2025 were still on Windows 10, with Australian endpoints slightly lower at 38%. If accurate and broadly representative, those figures describe hundreds of millions of machines that will move from “supported” to “unsupported” overnight unless organisations or users either upgrade, buy Extended Security Updates (ESU) coverage, or adopt compensating controls. That matters because Microsoft has set a firm end-of-support date: after October 14, 2025, mainstream Windows 10 editions will no longer receive routine security or quality updates from Microsoft.

Background / overview​

Microsoft’s lifecycle calendar is explicit: Windows 10 (consumer and standard SKUs including Home and Pro, plus many enterprise and IoT variants) reaches end of support on October 14, 2025. After that date Microsoft won’t ship OS-level security patches or standard technical support for those SKUs; Microsoft has published guidance recommending eligible devices upgrade to Windows 11 or enrol in Extended Security Updates as a temporary bridge. These are vendor-published facts and are the authoritative baseline for any migration plan.
At the same time, market trackers and vendor telemetry have painted a complex, not-quite-consistent picture of real-world adoption. StatCounter and related pageview-based trackers showed Windows 11 catching up to — and in some months overtaking — Windows 10 in mid‑2025, while endpoint telemetry from security vendors and management tools often showed Windows 10 still heavily entrenched in many corporate fleets. Those two measurement families answer different questions (active browsing devices vs installed endpoint base), which is why both perspectives must be used together when planning migration and risk mitigation.

---

What TeamViewer reported — and what can be independently verified​

• The claim: TeamViewer’s analysis of 250 million anonymised support sessions between July and September 2025 reportedly found that “more than 40%” of global endpoints receiving support via TeamViewer ran Windows 10, with Australia at 38%. The reporting also quoted TeamViewer security and product executives urging rapid upgrades and promoted TeamViewer’s DEX (Digital Employee Experience) Windows 11 Readiness tooling as a remediation path.
• Verifiable facts: Microsoft’s end-of-support date, the existence of consumer and commercial ESU options, and TeamViewer’s broader DEX product and strategic positioning (including the 1E acquisition and DEX offerings) are independently verifiable. Microsoft’s support pages and lifecycle announcements confirm the October 14, 2025 cutoff and ESU mechanics. TeamViewer has publicly expanded its DEX and digital workplace products in 2025 and promoted Windows 11 readiness tooling as part of its DEX/TeamViewer One portfolio.
• Where caution is required: I was unable to locate a primary TeamViewer data release or publicly archived dataset that matches the precise wording and the 250 million-session sample described in the regional article you shared. That does not mean the analysis does not exist — it may be a customer/partner briefing or press note published in regional outlets — but the precise dataset and methodology (sample weighting, session-to-endpoint mapping, geographic breakdowns, and how “endpoint” was defined) were not available in TeamViewer’s public press pages at the time of verification. Because the headline number drives risk decisions, treat it as a directional alarm unless you can obtain the underlying TeamViewer methodology or a public whitepaper from the vendor. This is an unverifiable claim until the firm’s raw methods or dataset are published. (TeamViewer’s published product materials do, however, confirm the company has DEX and readiness capabilities to assess upgrade eligibility.)

---

Why the numbers matter: security and operational implications​

• Unsupported OS = accumulating risk. When Microsoft stops shipping OS-level patches, any newly discovered kernel, driver or platform vulnerability will remain unpatched on Windows 10 devices that are not covered by ESU. Attackers routinely scan for and weaponise unpatched platforms; history shows unsupported systems become high-value targets in the months after a vendor cutoff. This raises both cyber‑risk and compliance exposure for organisations handling regulated data.
• Scale converts risk into consequence. Even conservative pageview-based market-share figures placed Windows 10 as a large slice of the installed base in 2025; other telemetry suggested an even higher presence in corporate estates. If 40% of endpoints in TeamViewer’s support footprint are on Windows 10, the absolute headcount is large enough to matter for supply‑chain risk, managed‑service scaling, and incident response planning. Cross-checking multiple datasets (StatCounter, security-vendor telemetry such as Kaspersky, and vendor readiness tools) is vital to translate percentages into practical device counts for budgeting and procurement.
• Operational friction and compatibility: Windows 11’s minimum hardware baseline (TPM 2.0, UEFI Secure Boot, supported CPU generations, minimum RAM and storage) leaves a substantial subset of devices unable to perform a free in-place upgrade. Organisations with long refresh cycles, custom line-of-business software, or legacy peripherals will face testing, remediation and staged rollouts — not a single-button fix. That explains why large fleets commonly run Windows 10 up to and sometimes beyond vendor EOL.

---

TeamViewer DEX and the migration tooling landscape — strengths and limits​

TeamViewer’s public product announcements in 2025 show the company actively positioning DEX and endpoint intelligence as a migration accelerator: the platform bundles remote support, endpoint monitoring, and readiness assessments into a single pane of glass and has been promoted as an integrated migration tool following TeamViewer’s DEX/1E integrations. The vendor’s value proposition to IT teams is straightforward:

• Real-time inventories and readiness scoring
• Automated remediation checks (TPM/UEFI/Secure Boot, driver readiness)
• Post‑upgrade validation and compliance checks
• Integrated remote remediation for stubborn endpoints

These capabilities are useful for reducing pilot failure rates and shortening remediation cycles — and TeamViewer has publicly described precisely these benefits in product briefings. But buyers must evaluate three realistic limits before assuming DEX will solve everything: tooling only reduces friction where hardware is upgradeable; remediation often requires firmware or driver updates controlled by OEMs; and mass rollouts still require change management, user acceptance testing and incident remediation capacity. In short: DEX can accelerate, measure and validate — it cannot make unsupported hardware eligible for Windows 11.

---

Practical migration playbook — a step‑by‑step checklist for organisations​

• Inventory and classify (days 0–7)
• Use your endpoint management or DEX tools to build a verified inventory of every device: OS version, installed apps, TPM presence, Secure Boot status, CPU model, RAM, storage and patch status.
• Tag devices by business criticality (Tier 1 = sensitive/data-critical; Tier 2 = standard office; Tier 3 = kiosk/lab/test).
• Run automated readiness at scale (days 7–21)
• Use PC Health Check, vendor readiness packs, or DEX readiness tooling to produce per‑device upgrade eligibility.
• Create deterministic remediation tasks: firmware updates, BIOS/UEFI toggles, driver updates.
• Pilot and compatibility testing (days 14–45)
• Select representative pilot groups (3–5 machine families and core LOB apps).
• Test image upgrades vs. in-place upgrades. Validate peripherals, print drivers, and authentication flows (SSO, SAML, conditional access).
• Decide on ESU vs. migration (days 21–60, parallel tracks)
• For non-upgradeable but critical devices, budget ESU (short‑term), isolate them on segmented VLANs, and harden via EDR/EDR policies and limited internet exposure.
• Treat ESU as a time-limited bridge only. ESU is not an alternative to a migration program.
• Scale rollout and change management (days 45–180)
• Staged rollout by site, user cohort, or business unit. Maintain rollback images, clear SLAs and helpdesk staffing.
• Instrument DEX to measure pre/post metrics: boot times, helpdesk ticket rate, and user satisfaction.
• Post‑migration validation and decommission (ongoing)
• Use DEX to validate configuration integrity, ensure security baseline compliance and retire or repurpose replaced devices responsibly (trade-in/refurbish/recycle).
• Quick wins to reduce risk today:
• Prioritise internet‑facing endpoints and high‑privilege users for early migration.
• Enforce multi‑factor authentication and least privilege to limit lateral movement risk on legacy endpoints.
• Harden and isolate legacy servers and network‑attached legacy desktops that cannot be migrated quickly.

This playbook follows standard ITIL/DevOps rollout practices but puts the clock and EOL risk at center stage. Use tooling (DEX, Intune, SCCM, Lansweeper) to automate discovery and remediation as much as possible.

---

Consumer and SMB options: clear choices, different trade-offs​

• Free upgrade path: If a device meets Windows 11 hardware requirements (and runs Windows 10 version 22H2), Microsoft’s upgrade path is free. Use PC Health Check to verify eligibility.
• Consumer ESU: Microsoft published a limited consumer ESU route (one year of security-only maintenance to October 13, 2026) with enrollment mechanisms that included login sync to a Microsoft account, redeeming Microsoft Rewards points, or a paid one‑time option in some markets. ESU is a pragmatic short-term bridge for households and small businesses that need time to plan a migration. Treat it as a stopgap, not a strategy.
• Alternative OS paths: For older hardware that cannot upgrade, modern Linux distributions or ChromeOS Flex can extend useful life while restoring vendor-supplied security updates. Those paths require testing for driver and peripheral compatibility but can be a cost-effective sustainability option.

---

Financial, legal and environmental fallout — a sober accounting​

• Cost: Enterprises that choose ESU at scale can face a non-trivial bill, and public modelling in 2025 highlighted potential billions in aggregate cost if many organisations bought ESU rather than migrate. Conversely, a hastened hardware refresh also consumes capital; each organisation must run scenario modelling that includes procurement lead times, software compatibility remediation costs, helpdesk uplift, ESU spend and potential incident response costs.
• Compliance and insurance: Auditors, regulators and cyber insurers commonly require supported, vendor-patched baselines for systems handling regulated data. Unsupported endpoints may trigger coverage or compliance gaps; document ESU or mitigation decisions to preserve audit trails.
• E‑waste and sustainability: Forcing hardware refreshes on a large scale raises e‑waste and affordability concerns. Organisations should prioritise refurbishment, trade‑in and responsible recycling, or evaluate OS alternatives that extend device life where security and compliance permit. Advocacy groups argued publicly in mid‑2025 that Microsoft’s hardware requirements meant many devices were stranded and posed equity and sustainability challenges.

---

Critically evaluating the vendor claims and the media narrative​

Strengths in the reporting and vendor messaging:

• The overall alarm is justified. Multiple independent trackers and telemetry sources converged on the same basic reality in 2025: Windows 10 remained widespread and many devices would be unsupported after October 14. That is an operationally meaningful fact that demands action.
• TeamViewer’s product positioning around DEX is sensible. Combining readiness scans, remote remediation, and post‑upgrade validation into a consolidated workflow can materially reduce migration friction and real-world outage risk.

Risks and limitations in the messaging:

• Representative sampling matters. Claims based on vendor telemetry (including security vendors and remote‑support datasets) can over‑ or under‑represent specific regions, verticals or device classes. A 40% Windows 10 share inside TeamViewer sessions does not automatically equal 40% of the global installed base. The difference between “pageviews” and “installed endpoints” is crucial when converting percentages into device counts or budget figures. That distinction was apparent when comparing StatCounter pageview snapshots with security‑vendor telemetry samples.
• Unverified dataset disclosures must be treated as directional. The TeamViewer figure you shared was reported in regional coverage; absent a public methodology, treat it as a vendor‑level operational snapshot rather than a global census. Request the vendor’s methodology if you will use the number to set budgets or compliance posture.

---

What to ask vendors and partners today​

• For DEX / readiness vendors: request the raw criteria used to grade “readiness” (TPM/CPU/driver checks, UEFI flags, application compatibility heuristics) and ask for exportable reports that can be imported into your CMDB.
• For security vendors: ask for telemetry definitions — what population does the sample represent, what is the geographic coverage, and how are endpoints deduplicated?
• For Microsoft and OEMs: confirm firmware/BIOS update availability for specific models and timelines for driver/firmware fixes before scheduling mass upgrades.

---

Conclusion​

The headline that “two in five devices still run Windows 10” captures a useful, urgent truth: large numbers of endpoints remain on an OS that Microsoft will stop patching on October 14, 2025. That matters for cyber risk, compliance and operational continuity. The exact percentages and device counts vary by how you measure them — web pageviews, security telemetry, or management-tool inventories each tell a different part of the story — so organisations must reconcile external telemetry with their own inventories before committing budget.
Tools like TeamViewer DEX and other readiness solutions can shorten the migration path by automating discovery, remediation and validation, but they cannot change hardware eligibility or remove the need for proper testing, rollback plans and staged rollouts. Use ESU only as a time‑boxed bridge, prioritise high‑risk endpoints for immediate action, and instrument your rollout with DEX or comparable telemetry so outcomes are measurable.
Finally, treat any single vendor statistic as a starting point, not a final invoice. Request the underlying methodology, cross-check with at least two independent sources (Microsoft lifecycle pages, StatCounter or comparable market trackers, and security‑vendor telemetry), and plan migration programs that balance security, cost and sustainability — before the calendar forces the decision.

---

Source: IT Brief Australia Two in five devices still use Windows 10 as support nears end