In case you missed Microsoft’s announcement, January 10, 2023, was a solemn occasion. The software giant communicated that another of its ubiquitous operating systems (OS), Windows 10, was entering its product sunset period and is going to reach its End-of-Life (EOL) on October 14, 2025.
What’s the big deal about using unsupported tech?
Both non-updated, and outdated software, in general, literally invite criminals to infiltrate IT systems. We must accept that security is provided to our PCs by two parties, the first via the creator of the operating system (in this case Microsoft) and the second by a security vendor. With older platforms, there are either limited or no longer any security updates. This includes Windows XP, Vista, 7 & 8.1*. However, machines running these platforms are still in use on the internet in their millions, even if the flaws found are as large as can be.
The biggest risk comes from vulnerabilities in network protocols, such as EternalBlue (2017) and others, which are still massively exploited today. The encryption Trojan WannaCry(ptor) -which leveraged Eternal Blue- was still responsible (as of 2022/23), for over half of all ransomware infection attempts. While WannaCry(ptor) mainly uses a Windows vulnerability that has long had an effective patch, when updates and patches are not applied, your system remains vulnerable.
More recent incidents like the zero-day exploit of MOVEit (a paid file transfer app) have led to a large-scale ransomware infection of businesses and governments globally via supplier software. While not OS software, unpatched vulnerabilities in supplier software can also leave users similarly exposed.
Security is as security does, especially at scale
Product sunset “gets real” when the functional limitations of software begin to open the door to criminal manipulation. This becomes a concern because at some point, it simply no longer makes economic sense to the provider to keep developers maintaining:
- Old software with complex, legacy architecture
- Difficult or impossible to make one software work well with newer code and hardware standards.
While an OS like Windows 10 has many features and functions users and businesses benefit from, progress means that the economic and technical factors above play a decisive role. So let's take a look at one of the most critical areas in which EOL has an impact, its role in security.
Microsoft End of life affects ESET products on your device
The last version of Windows 10 was released in the fall of 2022. As with each previous OS version, ESET products had to be modified to provide maximum protection and full functionality. Once Microsoft communicated the date for the conclusion of its own period of mainstream support, most critically, security updates, this has portended potential technical impediments to compatibility with ESET products.
*Specifically, ESET supports an OS until technical issues from the OS vendor’s side can no longer be overcome with reasonable effort.
What should you expect?
Any version of an OS that is not the latest (or does not have the latest updates installed) can impact ESET and other security products in that some components or features might stop functioning (in the worst case) or that the user may not be able to install new builds (security and stability updates or feature updates) of ESET products. This is, for instance, the case of Windows 10 versions that are not the latest – these lack support for Azure Code signing, so users will need to install new updates to ESET products.
Affected Business products:
- ESET Endpoint Antivirus
- ESET Endpoint Security
- ESET Server Security for Microsoft Windows Server
- ESET Security for Microsoft SharePoint Server
- ESET Mail Security for Microsoft Exchange Server
- ESET Mail Security for IBM Domino
Home products:
- ESET NOD32 Antivirus
- ESET Internet Security
- ESET Smart Security Premium
From a hardware point of view, many PCs running Windows 10 have sufficient computing resources/performance to run Windows 11. However, in specific cases, hardware replacement may make sense. ESET strongly encourages you to make the move to Windows 11, as this version is the most fine-tuned and most secure, and as it is the latest version, enabling you to enjoy the full potential of ESET products. ESET also highly recommends you enable automatic Windows updates so that you do not miss any security patches or critical and driver updates.
Riding the Windows 10 wave to the very end?
With 17 months remaining until Microsoft ends product support for users of Windows 10 Home, Pro, Enterprise, and Education (Version 22H2), users have two roads to travel – stay on Windows 10 or begin planning an upgrade to Windows 11. Businesses and consumers should closely examine their PC and Server infrastructure’s compatibility with Windows 11 and decide If, how, and when to invest in futureproofing their IT infrastructure with secure computing in mind.
For ESET-protected Small and Medium Businesses (SMB) and both enterprises and institutional customers, an IT environment-wide upgrade to Windows 11 is a necessity. Business users at this scale should carefully consider the security risks of migrating after the end of our period of limited support. In that case, businesses will be left with Microsoft’s built-in security features and components, which leaves a security environment partially reliant on signature-based detections rather than security modules that include advanced threat defence – a set of technologies that defend against targeted attacks and new, never-before-seen threat types, especially ransomware.
For PCs left running Windows 10, which will reach the end of support on October 14, 2025, the current version 22H2 will be the final, with remaining support provided via a monthly security update until that date. For users delaying a move to Windows 11, it is critical that you stay on briefed about ESET support at our ESET Knowledge Base article here.