Windows 10 End-of-Life is finally here
01 October
On October 14th 2025 Microsoft are laying Windows 10 to rest. As the successor to the rather unpopular Windows 8.1, and the flagship Windows Operating System for 6-7 years, it achieved a huge market share across its Home, Professional and Enterprise versions.
But, when its death-day finally rolls around, what will this really mean for those businesses that have yet to upgrade to Windows 11? The most pressing issue is that Microsoft will stop developing and distributing security fixes for the product. This really matters. The very next time that a security researcher, nation state threat-actor, or genius child identifies a vulnerability in the product, it will be available for anybody to exploit in the wild, safe in the knowledge that no fix is coming.
Of course, this has all happened before, and we can look to what happened in the months following the End-of-Life (EoL) of previous Windows Operating Systems to give us a crystal-ball insight into what we might expect in the wake of Windows 10. A quick look at the “published date” of Windows 8.1 vulnerabilities makes it very clear that the vulnerabilities don’t stop coming just because the product has been pronounced dead. An arsenal of medium-, high- and critical-rated vulnerabilities was identified in the weeks and months after support ended. Crucially, they all now remain, silently lurking, within those businesses that didn’t upgrade. To make matters worse, as time passes these vulnerabilities become increasingly well documented and threat-actors find quicker and easier ways to exploit them, sharing code and methods between themselves.
Exploiting known vulnerabilities appears in many of the stages within the MITRE ATT&CK matrix, notably initial access, privilege escalation and lateral movement. Put simply, running an unsupported and unpatched operating system is an open invitation for a threat-actor to make themselves at home within your network.
There will always be fringe cases where, for whatever reason, an organisation MUST continue running a device beyond its EoL date. In those rare and unavoidable situations, it’s important that the risk is fully understood, mitigated as far as is possible and then reviewed regularly.
Adding further layers of defence around a Windows 10 machine will make it much harder to exploit. Making use of network-level technical controls (such as those provided by a Next Generation Firewall) can significantly lower the risk. By applying strict outbound filtering on the network and inspecting all of the traffic to and from the Windows 10 machine, you gain visibility and an opportunity to detect and prevent exploit code from reaching its intended target. Furthermore, strict isolation, where the machine is contactable by as few services on as few other devices as possible, can reduce the attack surface significantly. This has the added benefit of reducing the blast radius should a threat actor succeed in exploiting the vulnerable machine.
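To make the isolation described above concrete, here is an added example (not from the original post) of the same allow-list approach applied on the host itself with the built-in Windows Defender Firewall cmdlets. It complements, rather than replaces, the network-level controls the post recommends: the Windows 10 machine is set to default-deny in both directions, permitted to reach only the one application server and internal resolver it still needs, and administered only from a single management host. Every address, port and rule name is a placeholder to be replaced with your own values.

```powershell
# Added example: host-level allow-list for a legacy Windows 10 machine that must stay in
# service. Complements the network-level filtering described in the post; it does not
# replace it. All addresses, ports and names are placeholders for your environment.
# Run from an elevated PowerShell session on the Windows 10 host.

$MgmtHost  = '10.0.10.5'    # placeholder: jump host permitted to administer the machine
$Resolver  = '10.0.0.53'    # placeholder: internal DNS resolver
$AppServer = '10.0.20.15'   # placeholder: the single service the machine still needs to reach
$AppPort   = 443            # placeholder: port of that service
$RuleGroup = 'Legacy Win10 Isolation'

# 1. Default-deny in both directions on every profile, and log dropped packets so the
#    blocked traffic can be collected and reviewed for signs of probing.
Set-NetFirewallProfile -Profile Domain,Private,Public `
    -Enabled True `
    -DefaultInboundAction Block `
    -DefaultOutboundAction Block `
    -LogBlocked True `
    -LogFileName '%systemroot%\system32\LogFiles\Firewall\pfirewall.log' `
    -LogMaxSizeKilobytes 16384

# 2. Remove any earlier copy of this rule group so the script can be re-run cleanly.
Get-NetFirewallRule -Group $RuleGroup -ErrorAction SilentlyContinue | Remove-NetFirewallRule

# 3. Outbound: only the application the machine is kept alive for, plus internal DNS.
New-NetFirewallRule -DisplayName 'Allow outbound to application server' -Group $RuleGroup `
    -Direction Outbound -Action Allow -Protocol TCP `
    -RemoteAddress $AppServer -RemotePort $AppPort

New-NetFirewallRule -DisplayName 'Allow outbound DNS to internal resolver' -Group $RuleGroup `
    -Direction Outbound -Action Allow -Protocol UDP `
    -RemoteAddress $Resolver -RemotePort 53

# 4. Inbound: remote administration from the management jump host only.
New-NetFirewallRule -DisplayName 'Allow inbound RDP from management host' -Group $RuleGroup `
    -Direction Inbound -Action Allow -Protocol TCP `
    -RemoteAddress $MgmtHost -LocalPort 3389

# 5. Review: list the effective allow rules so the remaining exposure can be recorded
#    and re-checked at each risk review.
Get-NetFirewallRule -Group $RuleGroup |
    Select-Object DisplayName, Direction, Action, Enabled |
    Format-Table -AutoSize
```

Because outbound traffic is denied by default, anything else the machine legitimately still does (an endpoint protection agent fetching signatures, for instance) needs its own explicit rule; discovering those flows is exactly what the dropped-packet log is for. Ship `pfirewall.log` to your central logging so blocked connection attempts against the host are visible alongside the network firewall's own records.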