Microsoft recently made an unusual decision that caught many in our field off guard. The company announced it will offer a free tier of Extended Security Updates for Windows 10 after its official end-of-support date in October 2025. This move breaks from their standard practice of charging for extended security patches.
For those unfamiliar, Extended Security Updates provide critical security fixes for operating systems past their official support period. Think of it like getting essential medicine for an older car when the manufacturer stops making parts. Without these updates, systems become vulnerable to newly discovered security holes that attackers actively exploit.
This free safety net applies specifically to consumer devices and small businesses. It covers critical and important-rated vulnerabilities for one year. Large enterprises still need paid subscriptions. The free version won’t include technical support or new features—just essential security patches.
What surprises me most is the timing. Microsoft typically uses end-of-life events to push upgrades. Their shift recognizes a hard truth: millions worldwide cannot immediately upgrade. In regions like Africa and Southeast Asia, organizations often rely on older hardware that cannot run Windows 11. For them, this free year provides breathing room to plan proper migrations.
Actionable steps if you use Windows 10:
1. Verify device eligibility immediately using Microsoft’s PC Health Check tool
2. Start migration planning now—don’t wait until October 2025
3. If staying temporarily, enroll in the free ESU program when available
4. Strengthen other security layers: enable multi-factor authentication everywhere, segment networks, and monitor traffic
Remember, this is a temporary fix. The free updates only cover specific vulnerabilities and won’t protect against all threats. I’ve seen too many organizations treat extended support as permanent solutions, only to suffer breaches later.
Globally, this decision helps smaller entities with limited budgets. A Nairobi-based nonprofit I advised last month runs Windows 10 on donated machines. They cannot afford new hardware but now have time to fundraise properly. Still, it highlights how technology disparities force compromises on security.
Microsoft’s documentation confirms the free ESU will activate automatically for eligible devices. Keep systems updated to receive it. While helpful, view this as an emergency measure—not a strategy. Start testing Windows 11 compatibility or consider Linux alternatives where feasible.
Ultimately, this reflects growing industry acknowledgment that forced obsolescence creates security risks. As practitioners, we must balance pragmatism with progress. Give organizations credit for extending protections, but never confuse lifelines with long-term solutions.
