Microsoft will officially end support for Windows 10 on 14 October 2025, marking a pivotal moment for technology-driven businesses. While systems won’t immediately shut down, they will stop receiving essential updates—most critically, security patches that protect against evolving cyber threats.
For software and hardware companies, this transition poses serious risks. Delaying migration can lead to increased cyber insurance premiums, coverage limitations, and exposure to claims that could disrupt operations or damage customer trust. In contrast, technology firms that proactively upgrade or migrate before the deadline will safeguard business continuity, maintain compliance, and preserve competitive insurance terms.
Here’s what this means for technology businesses—and the steps they should take now.
1. No more security updates could mean immediate vulnerability
Windows 10 will no longer receive security patches. That leaves over 700 million devices exposed to cyber threats, with no fixes for newly discovered vulnerabilities. Major applications, including Microsoft Office 365, will lose compatibility whilst software vendors will gradually stop releasing updates, making tools less secure and potentially unusable.
Research shows that end-of-life software averages 218 common vulnerabilities and exposures every six months. That’s over 400 security flaws per year for organisations still running Windows 10.
Unpatched Windows 10 systems are vulnerable to:
- Kernel-level exploits
- Deprecated encryption protocols
- Incompatible endpoint protection
- Weak authentication mechanisms
These flaws are actively exploited by threat actors.
2. 240 million PCs will become e-waste
Strict Windows 11 hardware requirements (like TPM 2.0, a Trusted Platform Module aka security chip) mean 240 million devices can’t upgrade. These systems will be functionally obsolete, contributing to a projected £1.06 billion of e-waste. This will also have a knock-on effect for the environment, with the impact expected to be massive.
If stacked, obsolete laptops would form a pile 600km taller than the moon. The environmental cost of inaction is staggering — and avoidable with timely upgrades or repurposing strategies.
3. Cyber insurance risks are skyrocketing
In 2025, one in five policyholders filed cyber insurance claims — the highest rate ever. 73% of claims stemmed from data breaches and security incidents, many linked to outdated systems.
4. Extended security updates are costly and temporary
Microsoft offers Extended Security Updates (ESU) at $60 per device for the first year, increasing annually until October 2028. After that, paid support ends.
5. Business continuity is at risk
Organisations that delay migration face:
- Higher insurance premiums
- Coverage exclusions
- Increased claims exposure
- Potential operational disruptions
Proactive migration protects continuity and compliance.
What you can do now
Before 14 October 2025, take these steps:
- Check your devices – see which ones run Windows 10.
- Assess upgrade options – can they run Windows 11?
- Plan replacements – budget for new hardware if needed.
- Secure remaining systems:
- Isolate them on your network
- Monitor for threats
- Back up data
- Update your incident response plans
The Time to Act Is Now
The Windows 10 end-of-life event is the largest cybersecurity and environmental challenge in modern computing. Organisations must assess, plan, and execute migration strategies before 14 October 2025 to avoid risk, cost, and disruption.
If you want to know more about how CNA Hardy can help protect technology firms, please contact Lauren Bates, [email protected]