
ZDNET Highlights
- Millions of computers globally are still running Windows 10.
- Attackers are ready, willing, and able to take advantage of unpatched PCs.
- Signing up for extended security updates is an important step.
With millions of computers around the world still running Windows 10, the one-time king of PC operating systems has officially passed its end-of-support deadline.
If you’re responsible for one of those machines and you’re not ready to upgrade to Windows 11, you can sign up for an Extended Security Updates (ESU) subscription today – consumers can get those updates for free until October 2026, as I explain here: How to get free Windows 10 security patches on your PC – from now until October 2026.
However, don’t delay. History shows that attackers are ready, willing, and able to exploit unpatched PCs, and the results can be devastating. How bad? Let’s hop on the Wayback Machine and see what happened the last time a hugely popular Windows version reached its end-of-support date.
For Windows 7, that date was January 14, 2020. That’s when consumers and small businesses stopped receiving security updates. Microsoft offered an extended security update program for business customers, but those subscriptions were expensive, and I found that finding someone who would sell you updates was a challenge.
The outcome? In early 2021, a year after Windows 7 support ended, I estimated that at least 100 million PCs were still running that old OS.
The results were disappointingly predictable. Groups around the world specializing in ransomware attacks began looking for unpatched systems that could be exploited. The more months go by without security updates, the more opportunities those attackers have to operate.
Those criminal networks, with names like Digital Shadows, LockBit, Conti, and Vice Society, were busy running hands-on, human-operated campaigns, often exploiting new security vulnerabilities to further their ransomware attacks.
Some of those groups may have disbanded, but they have been replaced by equally dedicated attackers, who are eager to get to work when support for an operating system ends.
In the case of Windows 7, the most infamous attack involved the PrintNightmare security bug, which was first disclosed in July 2021. The bug caused so much havoc worldwide that Microsoft took the rare step of releasing a patch for Windows 7 systems, even though support for those PCs had ended 18 months earlier.
The PrintNightmare incident had echoes of an earlier, devastating global outbreak: WannaCry, which was extremely effective against the large population of Windows XP PCs that were still in use in 2017, three years after support for that OS ended. At the time, Europol called the outbreak “the largest ransomware attack seen in history.”
In that case, too, the scope of the attack was so wide that Microsoft released an out-of-band patch for Windows XP.
But those incidents were high-profile exceptions. There were many other, less publicized vulnerabilities that did not receive patches and remained open to exploitation on unsupported systems. Those vulnerabilities didn’t make headlines around the world, but if your organization was successfully compromised, the impact was painful.
So, how likely is it that Windows 10 holdouts will face a large-scale attack like the ones that targeted previous versions? Well, if you could predict it, you could prevent it. Those events occur without warning, when an attacker stumbles upon an unpatched flaw and finds a way to exploit it. Sometimes these incidents involve multiple, seemingly small vulnerabilities that attackers figure out how to combine into an effective exploit.
Every month, Microsoft publishes a detailed list of the security fixes it has released with the Patch Tuesday update. Each entry on the list includes a rating of how exploitable that flaw is. For November 2025, the first release after Windows 10 support ended, that list included a Windows kernel vulnerability (CVE-2025-62215). According to the bulletin, “An attacker who successfully exploited this vulnerability could gain system privileges.”
Under the Exploits heading, it is classified as “Exploit Detected.” The December security update included another vulnerability that is also classified as “exploit discovered.”
Fortunately, exploiting both of those vulnerabilities requires local access, at least for now. But history shows that it is only a matter of time before remotely exploitable attacks occur. When that day comes, you really don’t want to be running an unpatched, unsupported version of Windows.

