(Credit: Cole Kan/PCMag/Microsoft/Getty (Just_Super))
Support for Windows 10 may have ended last year, but despite the potential security risks, a vast number of consumers haven't upgraded to Windows 11. Now, Microsoft is making it difficult to stick to Windows 10, cutting off Secure Boot certificates in June. However, not every existing PC is compatible with Windows 11, and with rising RAM prices and tariffs complicating things, "just buy a new computer" is an expensive and out-of-touch suggestion. So, how long can you safely run Windows 10? I'm here to answer that question.
Windows 10 Didn't Break Overnight—But Its Safety Net Did
As you’ve surely noticed, Windows 10 computers didn’t simply shut down on October 14, 2025. There’s no immediately visible evidence that the operating system isn’t supported. So, what difference does the end of support make?
(Credit: Microsoft/PCMag)If you have a Windows 10 issue and attempt to get tech support from Microsoft, you’ll quickly discover that support is no longer available. Similarly, if you try to run Windows Update, you’ll see a warning, “Your device is no longer receiving security updates.”
Simply put, there will be no further updates for Windows 10, including security updates, which is the most significant impact of the end of support. No more patches, no more security updates. You're on your own.
Is Staying on Windows 10 Risky?
For many users, Windows Update is an annoyance, often occurring at an inconvenient time. Some of those updates just provide enhanced operating system functions, but others serve to patch security holes. As noted, Microsoft won't issue any further updates for Windows 10. If researchers on the Dark Side discover a security vulnerability, it won’t get patched unless it's so severe that Microsoft has to take action.
There’s a continuous tug of war between malware coders and antivirus developers. For each new attack vector, a defense quickly arises. But you can picture what happens when one side in a tug of war stops pulling hard and trying to win. They may hold out by sheer inertia for a while, but sooner or later, the other team will claim the prize.
As time passes, you may also discover that new software only supports Windows 11. Even hardware devices typically require a driver to communicate with your PC. You might find you can’t use your new 3D printer because it doesn’t include drivers for Windows 10. High-end tools, such as Visual Studio and the latest Microsoft Teams, already require Windows 11. That’s a problem with no solution, other than sticking to apps and devices that continue to support Windows 10.
Extended Security Updates: Windows 10's Last Lifeline
If you look closely at the Windows Update screenshot a few paragraphs above, you’ll notice an apparent contradiction. Despite the warning about no more security updates, the app offers an update for Microsoft Defender Antivirus and a security update for Windows 10. Indeed, Microsoft has announced it will continue to update Microsoft Defender Antivirus on Windows 10 through October 2028.
Below the suggested updates, the app suggests that you enroll in Extended Security Updates (ESU) for Windows 10. That’s right. Microsoft has been warning us for years about the eventual demise of Windows 10, but for consumers, it's still willing to extend support for one more year, until October 13, 2026.
(Credit: Microsoft/PCMag)To access the ESU, you must meet some simple requirements. Only consumer-side Windows editions qualify, and your Windows 10 must be fully up to date. The Windows account you use to sign up must have Administrator privileges. Additionally, you must have Windows Backup enabled to sync the essentials of your Windows account to online backup.
If you don’t already use Windows Backup and don’t want to start, there are a couple of other ways to qualify for ESU. Have you been accumulating Microsoft Rewards points and wondering what the heck to do with them? For 1,000 rewards points, you can buy into ESU without the Windows Backup requirement. And then there’s the plain, simple cash option. A one-time $30 fee gets you access to the ESU.
It’s worth noting that Microsoft provides a separate ESU for businesses and organizations. Businesses pay $61 per PC, more than twice the cost for consumers. Businesses can also extend ESU protection for a second and third year, though the price doubles each year. Sorry, consumers only get that first year of extended security.
Microsoft Kicks Windows 10 While It's Down
As if withholding important updates isn't bad enough, Microsoft now says the security certificates that enable Secure Boot and related features will expire in June this year. Those using Windows 11 or Windows 10 ESU should receive updated certificates automatically. But if you're still on Windows 10 and haven't signed up for ESU, no cert for you!
Just what does that mean? Secure Boot protects against advanced boot-time malware, including malware that can survive a reboot. You lose that protection, but to be fair, boot-level malware is uncommon. In addition, you get no updates for Windows Boot Manager, which may interfere with third-party bootloaders. The continued security of Microsoft's BitLocker drive encryption relies on Secure Boot. And here's a nice trick—if you do obtain and install the updated certificate, doing so may trigger a BitLocker recovery event. You do have your 48-digit recovery key stored safely, right?
Realistically, though, many users will never notice the side effects of an expired certificate. If you're running Windows 10 without extended support, you're already dancing on the edge.
How to Protect a Windows 10 PC After Microsoft Walks Away
According to StatCounter, Windows 11 installations surpassed Windows 10 in June 2025. The latest figures show that Windows 11 is at 67.14% and Windows 10 is at 31.27%. That’s a lot of PCs still running Windows 10. If the PC Health Check utility reports that your PC isn’t capable of running Windows 11, or if you just plain don’t want to upgrade, you can continue with Windows 10.
Signing up for the extended updates doesn’t truly reanimate Windows 10. Yes, you should receive the updated Secure Boot certificate, just as Windows 11 users do. But beyond that, you only receive security updates. Per Microsoft’s documentation, signing up “does not provide other types of fixes, feature improvements, or product enhancements. It also does not come with technical support.” Additionally, you’re not addressing the security issues. You’re just kicking them down the road until next year.
If you plan to continue using your Windows 10 PC, be extra vigilant. Make sure that you have third-party security actively protecting your PC to compensate for the built-in security that Microsoft removed. The most important thing you can do is install a powerful antivirus utility and keep it up to date. Check in periodically to ensure the antivirus is working.
Once a hacking crew devises a malicious app that exploits a Windows security vulnerability, they must still install it on your PC and execute its harmful code. Chances are good the antivirus will recognize and quarantine the malicious app before it even executes. If the malware does manage to launch, behavior-based detection should catch and quash the exploit attempt.
You can enhance your protection by upgrading from an antivirus to a full security suite. Many suites include a firewall, and many firewalls are built with specific protection against exploits that attack system vulnerabilities. Exploits are the big problem when security patches aren't available, so this feature can seriously enhance your security. Using a VPN can also help, as it creates a barrier (the VPN server) between you and any malicious websites.
Ultimately, with Microsoft withdrawing its security support for Windows 10, it's up to you to take a more proactive approach, but it's definitely something you can accomplish.