Could the end of Windows 10 be a security risk?

As of 14 October 2025, Microsoft will cease providing free security updates, technical support, and patches for Windows 10.

While devices will still run, organisations continuing to rely on Windows 10 will face growing vulnerability to cyber threats. This transition presents a strategic chance for you to be proactive and steer your clients toward stronger security postures.

Windows 10 is still widely in use across businesses

Despite the impending End of Support, many organisations remain on Windows 10. A recent ControlUp report found that 50% of enterprise-managed Windows devices have yet to upgrade, compared to 80% a year earlier. This highlights both progress and persistent gaps, especially in sectors like healthcare and finance. Global market-share data echoes this: Windows 10 still accounted for 43% of desktop usage in August 2025, with Windows 11 at 53%.

The escalating security risks

Using unsupported software is not just outdated, it is inherently risky. Organisations running End of Support systems are highly attractive targets for attackers, as they no longer receive patches for newly discovered vulnerabilities. Indeed, exploits of known vulnerabilities now account for 20% of initial breach vectors, on par with stolen credentials. In essence, an unpatched Windows 10 machine is like an open door for threat actors.

Proactive risk management

Microsoft recommend some steps your clients should take as they manage this risk. They might not be aware of all of these, so it’s worth checking in with them to ensure they’re considering the following:

  • Upgrade to Windows 11: A forward-looking choice that restores patch-level security and brings enhanced protection and performance.
  • Extend via ESU: Microsoft’s Extended Security Updates (ESU) program offers a temporary lifeline. Business devices can enrol, though pricing doubles annually, so it is best viewed as a bridge, not a destination.
  • Prepare for hardware replacements: Where older machines fall short of Windows 11 requirements, advise your clients on phased hardware refreshes or strategic upgrades such as RAM or storage.

These actions align with prudent underwriting principles, mitigating exposure to cyber risk by encouraging current, supported software in client environments.

Practical steps to guide your clients

If you want to give actionable advice that will help your clients, advise them to focus on the following:

  1. Audit device fleet: Identify Windows 10 endpoints and assess upgrade eligibility.
  2. Promote staged transition plans: Encourage your clients to plan workflows that combine device upgrades, ESU enrolment in the short term, and eventual full migration.
  3. Reinforce insurance narratives: Emphasise that clients who maintain up-to-date systems demonstrate proactive risk management and may influence coverage terms positively.

By turning attention to Windows 10’s End of Support now, you can help clients confidently navigate the change, strengthening cyber resilience while reinforcing the value of risk-aware decision-making.

To find out more about cyber risk, get in touch with our team.