Microsoft Extends Windows 10 Security Updates for Users Up to October 2027

HomeCyber Security Microsoft Extends Windows 10 Security Updates for Users Up to October 2027 By Guru Baran June 26, 2026 Microsoft has quietly expanded its Windows 10 Extended Security Updates (ESU) program, allowing consumers to receive critical security patches through October 12, 2027, an additional year beyond the program’s originally planned expiration date of October 12, 2026. Windows 10 officially reached its end of support on October 14, 2025, leaving millions of users globally exposed to potential vulnerabilities without security patches. To ease the transition to Windows 11, Microsoft had initially launched the consumer ESU program to provide a one-year security bridge through October 2026. However, recognizing that a large portion of the user base has not yet migrated, Microsoft has now silently updated its ESU program page to extend coverage by an additional full year. Users who are already enrolled need not take any action; their coverage automatically continues through the new end date. What Is the Windows 10 ESU Program? The Extended Security Updates program provides enrolled Windows 10 devices with critical and important security updates as classified by the Microsoft Security Response Center (MSRC). The program exclusively covers Windows 10, version 22H2, including Home, Professional, Pro Education, and Workstations editions. Importantly, ESU enrollment does not include feature updates, product enhancements, or access to technical support. Its sole purpose is to reduce exposure to malware and cyberattacks during the transition period. To qualify for the consumer ESU program, devices must meet the following requirements: Must be running Windows 10, version 22H2 (Home, Pro, Pro Education, or Workstations edition). Must have the latest Windows updates installed prior to enrollment. The Microsoft account used to sign in must have administrator privileges. The Microsoft account cannot be a child account. Devices in kiosk mode, joined to an Active Directory domain, or enrolled in a Mobile Device Management (MDM) solution, are ineligible for the consumer ESU program. Microsoft offers three enrollment tiers for the consumer ESU program: Free — for users who have PC Settings Sync (Windows Backup) enabled. 1,000 Microsoft Rewards points are redeemable for enrollment. $30 USD (one-time purchase, plus applicable local taxes) for users without Rewards points or sync enabled. A single ESU license can be applied to up to 10 devices under the same Microsoft account, making it a cost-effective option for households with multiple Windows 10 machines. Enrolling is straightforward: navigate to Settings > Update & Security > Windows Update. If the device meets all prerequisites, an “Enroll now” option will appear under the end-of-support notification. Users signing in with a local account will be prompted to authenticate with their Microsoft account to complete enrollment. Security professionals and IT administrators should treat this extension as a temporary risk-mitigation measure, not a permanent solution. Unenrolled devices running Windows 10 remain highly vulnerable to exploitation, ransomware, and zero-day attacks without active patch coverage. Organizations managing enterprise deployments should evaluate the commercial ESU pathway or accelerate Windows 11 migration planning to avoid compounding technical debt and security exposure. Windows Secure Boot Certificates to Expire – What IT Teams Should Do Before the Deadline. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Guru Baranhttps://cybersecuritynews.com Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments. Trending News Klue Hack Leads to Data Breach Across Multiple Cybersecurity Companies INC Ransomware Uses Rust-Based Windows and Linux/ESXi Encryptors in New Attacks OpenClaw Skill Marketplace Exposes AI Agents to Supply Chain Malware and Financial Fraud Hackers Using FortigateSniffer Tool That Turns Compromised Firewalls Into Password Collectors OpenAI Releases GPT‑5.5‑Cyber With Full Automation for Vulnerability Detection and Patching Latest News Cyber Security Russia Used Cellebrite Tool to Hack Activist’s iPhone Despite Contract Cancellation Cyber Security Windows Secure Boot Certificate Expired — Billions of PCs Affected Including Linux Distros Technology Best Pentesting Tools for Internal vs External Testing Cyber Security 25-Year-Old Vulnerability in cURL Used by 30 Billion Devices Finally Patched Cyber Security News LokiBot Campaign Uses JScript Attachment, .NET Injector, and Process Injection to Steal Credentials