Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Despite being installed on more than a third of all PCs in the world, Microsoft will cease to support Windows 10 on 14 October – here’s how to stay safe when the security updates stop.
Organisations and individual consumers around Australia – and the world – rely upon PCs running Windows 10; however, Microsoft will soon stop supporting the operating system as it reaches end of life on 14 October.
This means that security updates for the 34.3 per cent of machines that run Windows 10 will cease, meaning that any new vulnerabilities in the OS will remain unpatched – a potential security nightmare for anyone with a machine incapable of being upgraded to Windows 11.
“End of support is not the end of the world, but it is the end of free safety nets. Attackers know that, which is why unpatched Windows and driver bugs become long-lived entry points,” Luis Corrons, cyber security expert at Avast, recently said.
“It is also an opportunity for scammers. People may see fake pop-ups, upgrade offers, or even get phone calls pretending to be from Microsoft.”
The lack of updates could be a potential goldmine for scammers and ransomware operators looking to target out-of-date devices.
There is a paid option to remain up to date, however. Microsoft’s Extended Security Updates (ESU) program for Windows 10 costs US$61 per device in the first year, with the price doubling every year for the maximum duration of three years.
Where possible, however, upgrading to Windows 11 is the best course of action.
Ondrej Kubovič, security awareness specialist at ESET, said that continuing to rely upon Windows 10 is an invitation to cyber criminals.
“Unsupported operating systems represent a significantly larger attack surface than isolated known – or zero-day – vulnerabilities in individual applications,” Kubovič said.
“Risks range from unauthorised access, data theft to malware infection, potentially leading to operational disruptions, legal and even reputational consequences.”
Kubovič added that while short-term solutions, such as the ESU program, can extend the life of a Windows 10 device, security issues remain.
“Where patching isn’t possible, compensating controls like hardening, strict policies, and minimising exposed services should be implemented. However, same as in the case of regular users, these are only temporary measures. A full upgrade to a supported OS is ultimately required,” Kubovič said.
“For critical systems that cannot be upgraded immediately, the recommended setup is to run users with the lowest possible privileges, minimise installed software and exposed services, and, if possible, deny all inbound connections or route necessary ones through VPN or SSH. Consider also physical security measures like USB port blocking or air-gapping, paired with expanded log collection and frequent audits to help detect and respond to incidents and anomalies.
“The bottom line: temporary fixes can buy you time, but they are not a substitute for a full upgrade. Start planning your transition now to avoid unnecessary risks.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
