“You can’t throw a habit out the window,” famous writer Mark Twain once said. “You have to beat them down the stairs, step by step.”
The saying fits well with a topic that many PC users now have to deal with. Because free support for Windows 10 ends in October 2025.
IT experts recommend switching to Windows 11 or an alternative operating system that receives security patches by then at the latest. Many users will have to get used to it.
The risk of malware increases with old operating systems
Because: Computers that run on an outdated operating system are a security risk. Without regular updates, newly discovered vulnerabilities in the system remain open and attacks become easier and more successful.
For example, affected devices can more easily catch malware. Such as Trojans, viruses or other malicious programs. As a result, the risk of losing personal data to cybercriminals increases. Credit card fraud or identity theft are just two of the possible consequences.
IT security expert Thorsten Urbanski from Eset told the German Press Agency a few days ago against this background: “It's five to twelve to avoid a security fiasco in 2025.”
Anna Lena Fehlhaber, who teaches seminars on the topic of “Human Factors in Cybersecurity” at Leibniz University in Hanover, basically agrees with him.
It's better to change – but don't panic
“It's never a good idea to use an operating system that no longer receives security updates. When vulnerabilities are found, they are usually no longer closed or only closed if they are very critical,” she says in an interview with FOCUS online.
Nevertheless, in her opinion, users should not panic. “It is important to understand that browsers such as Firefox or Chrome for Windows 10 will likely still receive updates,” said the security researcher.
Just because Microsoft has announced that it will soon no longer provide Windows 10 with free security updates, “that doesn’t mean that everything will automatically become totally insecure from October onwards”. Browser updates protect against individual attack vectors, such as vulnerabilities in browser code.
“This is an important component,” says Fehlhaber. But she also addresses an important catch. Because attackers are looking for the biggest weak point. In the Windows 10 scenario, that would be an expired operating system. Fehlhaber’s advice is therefore: “Be careful and that Upgrade to Windows 11, but don’t panic.”
It's not just private users who should upgrade
What is certain is that many people are affected by the end of free Windows 10 support. According to the security company Eset, 32 million computers in this country are still running Windows 10. They belong not only to private users, but also to companies, authorities and other institutions.
“I know many companies and institutions that use old systems. The level of digital competence of those responsible is often at the level of a fax machine,” says Manuel Atug in an interview with FOCUS online. “Many then say: It still works, it's not broken, you can continue to use it.”
It is enough for a server through which a company controls its inventory management to be deleted or hacked. “Then in extreme cases you can close the shop,” he says. Atug knows what he's talking about. He has worked as a cybersecurity expert for many years. He also regularly advises and examines so-called critical infrastructures (KRITIS).
They are divided into different sectors, such as health, water, energy, transport and traffic, government and administration as well as finance and insurance. According to KRITIS, Atug sees massive problems with the end of Windows 10 support. As he explains, there are already many outdated systems in use today. “Some of what I saw was quite scary,” said the cybersecurity expert.
“There are medical devices that still run Windows 98”
Just upgrade to Windows 11 – in his opinion, that often doesn't work. The reason for this is multi-layered systems in which components cannot be easily replaced or updated because they are certified. Atug speaks from experience: “There are medical devices that still run on Windows 98.”
Another sensitive area of CRITIS is banking. Security is particularly important where money is involved. Apparently there is already movement here.
“Banks and savings banks prepare for such a version change in good time in their IT planning,” writes “Die Deutsche Kreditwirtschaft” when asked by FOCUS online how to deal with the end of support for Windows 10.
According to the statement, from January 15th, banks and savings banks are obliged under the Digital Operational Resilience Act (DORA) to “keep their information and communication technology systems up to date at all times and to address the associated security risks to monitor and control”.
German authorities remain tight-lipped about “Ask the State”.
This includes the use of the current operating system version – i.e. Windows 11. According to the statement, the banks and savings banks are responsible for the internal migration to newer software and operating versions “independently and individually”.
Many authorities are less clear than “The German Banking Industry” – or not at all – about the end of free Windows 10 support. If you look around the “Ask the State” platform, you will find numerous inquiries on this topic.
Among others, the Baden-Württemberg Ministry of the Interior, the Freiburg Labor Court and local governments in North Rhine-Westphalia were asked for information. Some authorities say they are already in the process of switching to Windows 11.
“There will be companies that hit the wall completely”
However, many answers are still pending. Maybe because the questions came at the end of the year, just before the holidays. But maybe also quite consciously.
The reaction of the Federal Ministry of Digital and Transport to a question on December 19th about how to deal with the end of support for Windows 10 is noteworthy. It says that the question cannot be answered because revealing the information would make hacker attacks easier.
Atug says: “The pushing around speaks for itself. Exactly when Windows 10 will expire has been known for years.” The cybersecurity expert believes that there are IT managers who are trying to ensure a smooth switch to Windows 11 or another operating system supported by the manufacturer.
“But some authorities and companies will also hit the wall.” That would be explosive because they are data trustees. Not only their own information, but also customer information would be compromised by possible security incidents.
Switching to Windows 11 is still not that easy
Ultimately, there is another problem: Switching to Windows 11 is not possible for everyone if they want to. Many devices that are currently running Windows 10 do not meet the hardware requirements to be able to update to Windows 11.
These include, for example, technologies such as the “Trusted Platform Module” (TPM) 2.0 chip or Secure Boot. Affected users, authorities or companies either have to purchase new devices. Or they switch to another operating system, for example Linux.
FOCUS online wanted to know from Microsoft why Windows 10 is no longer supported when it is so widely used, what they think about the criticism that the approach is ecologically questionable, and whether there will be an emergency plan for companies and public institutions in view of this reach their – financial – limits as a result of the changeover.
There is a kind of “emergency option”
The group simply referred to a blog post in which the conversion to and the advantages of Windows 11 are advertised. Below we talk about a “program for extended security updates” (ESU), which should also be available to private individuals.
The blog post states: “The consumer ESU program will be a one-year option for $30. Registration for the program will open toward the end of support in 2025.”
So if you want to continue using Windows 10 – with security updates – you can do so. But for money and only for a limited time. Cybersecurity expert Atug can imagine that some companies will take advantage of the “extended support”.
“I even know KRITIS organizations that still pay for security updates for Windows 2000. These are very special, and also very expensive, contracts – for archaeologically valuable systems.”
