On October 14, 2025, Microsoft will cut off free security updates for Windows 10. An estimated 400 million functional PCs worldwide cannot upgrade to Windows 11, a cliff-edge that has crystallised a fierce policy debate in Brussels. Campaigners are now demanding the European Union mandate 15 years of software support to curb "software-driven obsolescence" and avert a mounting e-waste disaster.

Right to Repair Europe and allied environmental groups have seized on the Windows 10 end-of-life as a textbook case of avoidable waste. They warn that if even a fraction of the incompatible machines are scrapped, the result could be more than 700 million kilograms of e-waste — roughly 70 Eiffel Towers. This week, the coalition pressed EU Environment Commissioner Jessika Roswall to introduce horizontal Ecodesign rules that would guarantee at least 15 years of security and functionality updates for laptops, and ideally for any device with a plug or battery.

"Microsoft's decision to end support for Windows 10 could make 400 million computers obsolete — not because they're broken, but because of software," said Cristina Ganapini, coordinator of Right to Repair Europe. "Companies can do this because there are no regulations to stop them."

The Windows 10 cliff-edge

Microsoft has long signalled October 2025 as the final deadline for Windows 10 security patches. After that date, users must pay for the Extended Security Updates (ESU) programme, upgrade to Windows 11, switch to an alternative operating system, or accept the risk of running an unpatched OS. For many, upgrading is impossible: Windows 11 demands a Trusted Platform Module (TPM) 2.0 chip, UEFI Secure Boot, and CPUs no older than Intel 8th‑gen or AMD Ryzen 2000 series. The company's own compatibility tools confirm that millions of still‑capable devices are locked out.

Microsoft’s consumer ESU offering attempts to soften the blow. In 2025, it detailed a modest one‑year extended security option for home users, purchasable through Microsoft accounts or redeemable via rewards. But the programme is explicitly temporary—meant only to buy a little more time—and critics argue it remains designed for deep‑pocketed enterprises rather than households and small businesses. The architectural cost of maintaining legacy code, back‑porting patches, and coordinating driver updates with OEMs is real, and Microsoft has historically priced enterprise ESUs at a premium that reflects that engineering burden.

EU policy: from five‑year smartphone rules to a 15‑year laptop mandate

The European Union already wields Ecodesign powers to impose repairability and update obligations. Draft rules for smartphones and tablets require at least five years of security updates and spare‑part availability. A newer Right to Repair directive broadens consumer rights, banning certain contractual or technical barriers that prevent repair. But campaigners argue that product‑category‑specific rules leave vast loopholes for longer‑lived hardware — laptops, medical devices, industrial controllers — that often remain in service well beyond a decade.

Ganapini’s coalition wants a horizontal, cross‑category law. Their proposal would:
- Guarantee 15 years of security and software updates for laptops (and ideally all battery‑ or mains‑powered devices).
- Align software support periods with the expected functional lifespan of hardware.
- Ban design or contractual techniques that force premature replacement.
- Require non‑discriminatory access for independent repairers to software and tools needed for repair and reuse.

The Windows 10 case, they say, exposes the gap between a typical laptop’s physical durability and its software‑determined lifespan. Many machines blocked from Windows 11 are perfectly serviceable for web browsing, office work, or specialised industrial tasks. Forcing their retirement because of a vendor’s support timeline shifts costs to consumers and the environment.

The environmental stakes in hard numbers

The campaign’s headline figure — 400 million at‑risk PCs — is an estimate based on hardware compatibility surveys and industry analysis, not a Microsoft‑issued count. Nonetheless, the extrapolation is stark. The group calculates that even a conservative disposal rate would generate over 700 million kilograms of e‑waste. This comes shortly after another alert from waste‑watchers: the rollout of iOS 26 could leave around 75 million iPhones (models XR and XS) without the latest OS, tipping the scales at roughly 1.2 million kilograms of potential e‑waste.

These projections, while indicative, illustrate a growing pattern. Software cut‑offs are increasingly the trigger for hardware replacements, overtaking mechanical failure as the primary driver of product renewal. For regulators, that means lifecycle rules must now treat software as a core durability component, much like a battery or a screen.

Technical realities and commercial tensions

Mandating 15 years of updates sounds straightforward on paper, but the engineering cost is formidable. Security maintenance for an old operating system branch requires:
- Back‑porting fixes from current codebases, often across multiple architectural changes.
- Continuous quality assurance against legacy drivers, firmware, and OEM‑specific configurations.
- Retaining engineers with expertise in deprecated stacks.
- Coordinating with hardware vendors for firmware and driver patches when vulnerabilities are hardware‑dependent.

Microsoft’s push towards Windows 11 has been justified, in part, by platform‑level security enhancements. TPM 2.0 enables virtualization‑based security, Secure Boot, and a hardened attestation process. Older hardware simply cannot support these features, meaning that even with security patches, the attack surface remains larger than on modern PCs. A long‑update mandate could force vendors to maintain inherently less secure architectures, a paradox that policymakers must reconcile.

Smaller manufacturers would face disproportionate costs. Producing and maintaining firmware updates for 15‑year‑old devices could stifle innovation or push players out of the market. The EU would need to define what constitutes a “security update” versus a “functional update,” and determine whether performance‑degrading patches would be permissible. Critics also note that rigid timelines might discourage vendors from adding genuinely useful new hardware requirements, such as cryptographic accelerators or biometric sensors.

Policy alternatives and practical compromises

A blanket 15‑year mandate is not the only path. The debate in Brussels is already surfacing more nuanced designs:
- Tiered update obligations: A 10‑year security‑update floor for laptops, extendable to 15 years for medical or industrial equipment, with a shorter (5–7 year) requirement for feature updates.
- Mandatory transitional rights: A legal guarantee allowing users to install alternative operating systems — such as Linux — when vendor support ends, coupled with requirements to publish non‑proprietary drivers and interfaces where technically feasible.
- Cost‑sharing models: An industry‑wide software maintenance fund, funded by levies across the device lifecycle, to spread the cost of long‑tail patching.
- Consumer labelling: A guaranteed‑update‑period label at point‑of‑sale, enabling buyers to vote with their wallets and incentivising longer support commitments.
- Public procurement levers: Governments and large enterprises could explicitly require 15‑year support roadmaps in tenders, driving market transformation from the demand side.

These options aim to balance environmental ambition against technical feasibility and market competitiveness. They also reflect the reality that for some device classes — safety‑critical embedded systems, for instance — perpetual patching could be dangerous and would need carefully crafted exemptions.

The corporate response so far

Microsoft has not publicly addressed the 15‑year proposal directly. Its messaging remains focused on the decade‑long transition window offered for Windows 10 and the availability of the ESU programme. The company announced a 10 percent quarterly dividend hike just as the October deadline approaches, a move that campaigners painted as profiteering amid an e‑waste crisis. Redmond insists customers have had ample time to prepare and points to Windows 11’s security advantages as a genuine upgrade justification.

Other platform vendors are watching closely. Apple’s iOS support windows typically span five to seven years for iPhones, while Google’s Pixel phones recently moved to seven‑year update promises. A horizontal EU mandate would upend product strategies across the entire consumer electronics industry, not just the Windows ecosystem.

What enterprises, vendors, and consumers can do right now

  • Vendors should publish explicit long‑term security roadmaps and offer transparent, capped paid maintenance packages. Designing hardware with modular components and open‑source driver support would lower the cost of post‑EOS life.
  • Enterprises and public bodies must embed update guarantees and repairability clauses into procurement contracts. Modular, repairable devices with long support windows should be favoured, creating market pull.
  • Consumers can check promised support periods before purchase, explore refurbished devices, and investigate community‑maintained OS options when official support ends. The repair‑community movement offers practical help, from battery swaps to SSD upgrades.
  • Policymakers should fast‑track interlocking rules that combine Ecodesign, Right to Repair, and green public procurement. Avoid single‑vendor lock‑ins and ensure that software lifecycle obligations are paired with repairer access to diagnostic tools and spare parts.

A pragmatic path forward

The Windows 10 end‑of‑support episode is a wake‑up call, not an outlier. It lays bare how easily a single vendor’s support decision can ripple into a global e‑waste event. A mandatory, cross‑category EU requirement for long‑term security updates — scoped, tiered, and limited to security maintenance rather than indefinite feature back‑porting — could shift the market towards durable design and transparent lifecycle promises.

Any mandate must be technically precise and economically calibrated. Security‑only update obligations, phased implementation, targeted exemptions for exceptional device classes, and funding mechanisms to ease the burden on smaller manufacturers are essential ingredients. Coupled with strong rights to install alternative software and repairer access, such a framework could cut waste without freezing innovation.

The debate is now live in Brussels. The technical facts are clear, the environmental stakes are high, and the policy levers already exist. The crucial question is whether regulators can forge ambitious but practicable rules — and whether platform owners, OEMs, and civil society can strike a compromise that preserves security, innovation, and the planet.