When Microsoft flips the switch on Windows 10 support this October 14, the move could funnel an estimated $7.3 billion into the company’s coffers through Extended Security Updates (ESU) alone, according to a new analysis by software firm Nexthink. The figure, derived from 121 million business devices each paying $61 for a year of critical security patches, crystallizes the high stakes as the world’s most popular operating system approaches its end-of-life deadline. But the number is as much a wake-up call as a prediction: it underscores the massive installed base still clinging to Windows 10 and the tough choices facing IT leaders and consumers alike.
Microsoft’s decision to end free security updates for Windows 10 Home and Pro on October 14, 2025, is no surprise—the lifecycle calendar has long marked this date. Yet the transition has morphed from a routine sunset into a complex story of budget shock, security threats, environmental risk, and even litigation. For enterprises, the commercial ESU program offers a time-limited bridge, but one that doubles in price each year. For consumers, a $30 one-time payment can buy a year of reprieve for up to 10 devices. Behind the numbers lies a pressing question: can the world migrate fast enough to avoid a cascade of costs and consequences?
The $7.3 Billion Question: How Nexthink Crunched the Numbers
The headline-grabbing $7.3 billion (about £5.4 billion) springs from a straightforward multiplication: roughly 121 million business PCs still on Windows 10 at the deadline, each paying the Year One enterprise ESU list price of $61. Nexthink arrived at the device count by starting with Microsoft’s disclosure of 1.4 billion global Windows devices, assuming 30% are in public or enterprise hands (420 million), and then projecting that Windows 10 usage among those will drop by a third before the cutoff. That leaves the 121 million figure.
Important caveats apply. Real-world bills will diverge—sometimes sharply—depending on volume licensing discounts, cloud exemptions (Windows 365 or Azure Virtual Desktop can include ESU at no extra per-device cost), and negotiated enterprise agreements. The $61 list price is a starting point, not a fixed invoice. Moreover, telemetry snapshots from firms like StatCounter show Windows 10’s share hovering around 40% in mid-2025, with Windows 11 slightly ahead; such metrics directly influence how many devices remain at risk. So the $7.3 billion serves best as a scale model for planning, not a literal receipt.
Breaking Down ESU: What You Get and What You Don’t
Microsoft’s ESU program is deliberately narrow. It delivers only security updates classified as Critical and Important. No feature updates, no general quality fixes, no design changes, and no full technical support. For consumers, a single $30 purchase covers up to 10 devices linked to one Microsoft account for one year, ending October 13, 2026. Some users may access free enrollment via Microsoft Account settings or Microsoft Rewards points in certain regions. The commercial tier, aimed at organizations, stretches up to three years but with annual price jumps that act as a strong migration incentive: $61 per device in Year One, $122 in Year Two, and $244 in Year Three. Cloud-hosted VMs often receive ESU differently; some scenarios are exempt if the underlying infrastructure includes equivalent protections.
Prerequisites are strict. Devices must run Windows 10 version 22H2 with the latest cumulative updates. Microsoft began rolling out consumer ESU enrollment features in mid-2025, so not all users see the option immediately. The program is explicitly temporary, a bridge for completing migrations rather than a long-term support model.
Enterprise Impact: Budget Shock and Compliance Minefield
For CIOs, the decision matrix is unforgiving. Each Windows 10 endpoint must either upgrade to Windows 11 in place, be replaced with new hardware, move to a cloud-hosted desktop, or buy into ESU and incur recurring costs that escalate rapidly. The complexity ratchets up when hardware eligibility, application compatibility, and regulatory standards collide.
Windows 11’s strict requirements—TPM 2.0, Secure Boot, and supported CPU families—render many older corporate fleets ineligible for in-place upgrades. Line-of-business applications, proprietary drivers, and specialized peripherals can force retention of specific Windows 10 builds. In heavily regulated industries, an unsupported OS creates audit exposure and liability if vulnerabilities go unpatched.
The recommended playbook: inventory every Windows 10 device and map its business criticality and compliance needs; model ESU costs under various scenarios, including multi-year escalation; pilot migration paths for representative device groups; then decide for each cohort: upgrade, replace, or contain-and-ESU. Procrastination only compresses choices and inflates costs as the deadline nears and discounts become less favorable.
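As an added illustration of that playbook (not from Nexthink or Microsoft), the sketch below triages a constructed inventory into upgrade, replace, or contain-and-ESU and totals the escalating ESU bill at the list prices quoted above. The device names, the field names and the months_past_cutoff estimate are assumptions; volume discounts, cloud exemptions and the cloud-desktop option are left out.

```python
import math
from dataclasses import dataclass

# Commercial ESU list price per device by program year, as quoted in the article.
ESU_LIST_PRICE = {1: 61, 2: 122, 3: 244}

@dataclass
class Device:
    name: str
    build: str               # Windows 10 release installed, e.g. "22H2"
    tpm2: bool
    secure_boot: bool
    cpu_supported: bool
    pinned_to_win10: bool    # LOB app, driver or peripheral requires Windows 10
    months_past_cutoff: int  # planner's estimate (assumption) of time left on Windows 10

def esu_cost(years: int) -> int:
    """Cumulative list-price cost of keeping one device on ESU for `years` years."""
    return sum(ESU_LIST_PRICE[y] for y in range(1, years + 1))

def triage(d: Device) -> tuple[str, int, list[str]]:
    """Return (decision, ESU list cost in USD, follow-up notes) for one device."""
    eligible = d.tpm2 and d.secure_boot and d.cpu_supported
    if d.months_past_cutoff <= 0 or (eligible and not d.pinned_to_win10):
        # Nothing keeps this device on Windows 10 past the cutoff: no ESU needed.
        return ("upgrade" if eligible else "replace"), 0, []
    notes = []
    years = math.ceil(d.months_past_cutoff / 12)
    if years > 3:
        notes.append("plan exceeds the three-year ESU maximum")
        years = 3
    if d.build != "22H2":
        notes.append("update to 22H2 before ESU enrollment")
    return "contain-and-ESU", esu_cost(years), notes

def plan(fleet: list[Device]) -> dict:
    """Triage every device and total the ESU exposure for the fleet."""
    rows = {d.name: triage(d) for d in fleet}
    return {"rows": rows, "esu_total": sum(cost for _, cost, _ in rows.values())}

# Constructed sample inventory (not real devices).
FLEET = [
    Device("fin-lt-01", "22H2", True, True, True, False, 0),
    Device("lab-ws-07", "22H2", False, True, False, False, 0),
    Device("plant-hmi-3", "22H2", True, True, True, True, 30),
    Device("kiosk-12", "21H2", False, False, False, False, 10),
]

if __name__ == "__main__":
    for name, (decision, cost, notes) in plan(FLEET)["rows"].items():
        print(f"{name:12} {decision:16} ${cost:<4} {'; '.join(notes)}")
```

A device held for 30 months needs all three ESU years, so its list cost is $427, seven times the Year One price.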
Consumer Options: A $30 Lifeline with Limits
Households face a different calculus. The consumer ESU purchase gives a 12-month safety net for up to 10 devices on one Microsoft account, making it a relatively painless stopgap for families with multiple older PCs. The free enrollment routes add flexibility for those willing to link settings or redeem rewards. Yet the protection is finite: after October 2026, no further consumer ESU is promised. Many older machines don’t qualify for a free Windows 11 upgrade, and while installing Windows 11 on unsupported hardware is technically possible, it voids official support and carries stability and security risks.
Environmental concerns amplify the consumer dilemma. Sending a functional PC to landfill because its OS slipped out of support strikes many as wasteful. Green groups urge repair, reuse, or donation to schools and community organizations. For light-duty tasks, Linux-based alternatives can breathe new life into aging hardware. Responsible recycling through certified e-waste channels remains a last resort.
Security Risks: Unsupported Systems as Attack Magnets
Once Microsoft stops patching Windows 10, every newly discovered vulnerability becomes a permanent open door. History shows that unsupported platforms quickly become low-hanging fruit for attackers—weaponized exploits for unpatched flaws spread rapidly. UK and international cybersecurity agencies consistently warn against prolonged use of end-of-life operating systems.
ESU narrows the gap by covering Critical and Important vulnerabilities, but it does not address the broader performance and compatibility drift that accumulates when a platform no longer receives full servicing. Defense-in-depth measures—network segmentation, endpoint detection and response, rigorous patching of other software—can reduce exposure for retained Windows 10 endpoints, but they are compensating controls, not substitutes for migration. The security rationale for moving to a supported OS remains compelling.
Environmental Fallout: The Looming E-Waste Surge
Environmental campaigners warn that the Windows 10 sunset could trigger the largest spike in electronic waste ever recorded. With nearly 400 million PCs potentially affected worldwide, the convergence of lifecycle deadlines, purchasing incentives, and hardware barriers creates a perfect storm for device turnover. Functioning computers that simply lack TPM 2.0 or a compatible CPU may be discarded, not because they’re broken, but because they’re deemed incompatible.
Mitigation strategies exist. Upgrading RAM or swapping to SSDs can extend useful life. Repurposing older machines for education, community access, or lightweight Linux tasks keeps them out of landfills. Certified recycling programs recover precious metals and manage hazardous materials safely. Policymakers and NGOs have urged Microsoft and OEMs to soften the impact through clearer upgrade paths, trade-in programs, and extended software support. The tension between platform modernization and circular-economy goals is plain, and how it is resolved will shape the environmental narrative for years.
Legal Challenges and Regulatory Scrutiny
The end-of-support deadline has already spawned litigation. A U.S. state court complaint seeks to enjoin Microsoft from halting free updates until the Windows 10 installed base falls below a plaintiff-defined threshold. The lawsuit alleges forced obsolescence, consumer harm, and environmental damage, framing Microsoft’s actions as a strategic push toward Windows 11 and AI-optimized hardware. These are allegations, not judicial findings, but they highlight the legal flashpoints when lifecycle decisions intersect with affordability and access.
Regulators and competition advocates are watching. They question whether tying new AI features to newer OS and hardware baselines unfairly disadvantages users locked into fully functional older devices. Whether corporate lifecycle policies carry consumer-protection or environmental externalities that warrant oversight remains an open debate. The litigation may prompt broader scrutiny of vendor lifecycle notifications in other jurisdictions.
Immediate Action Plan for IT and Consumers
Time is short, and pragmatism wins. For IT teams: inventory all Windows 10 endpoints, model ESU exposure, pilot upgrades, evaluate cloud alternatives (Windows 365, Azure Virtual Desktop), and implement compensating controls for unavoidable holdouts. For consumers: use Microsoft’s PC Health Check to test Windows 11 eligibility, consider the $30 ESU only as a bridge, explore trade-in and refurbishment programs, and back up data now. Delaying decisions simply hands more power to circumstance.
Balancing Progress and Responsibility
Microsoft’s approach has clear strengths. Consolidating on modern platforms reduces maintenance complexity and enables advanced security architectures like hardware-rooted protection and virtualization-based security that older hardware cannot support. The ESU construct provides a predictable, purchasable bridge for critical systems. Yet the deliberate ESU pricing escalation punishes prolonged dependence, squeezing budgets and potentially pushing some organizations toward short-term fixes rather than strategic modernization. The consumer pathway, while inexpensive, does little for cash-strapped schools, public institutions, or low-income households that cannot refresh hardware quickly. And the environmental risk is real if device turnover accelerates without adequate recycling infrastructure.
Allegations that Microsoft timed the sunset to accelerate sales of AI-optimized hardware or entrench Copilot-driven ecosystems remain contested claims in litigation. They may inform the broader discussion but are not established fact. What is certain is that October 14, 2025, is a hard deadline with material consequences. The $7.3 billion projection is a useful alarm bell, not a precise prediction. The wisest course for enterprises, IT managers, and consumers alike is to treat the transition as an operational risk to be managed now—with clear-eyed planning, pragmatic use of ESU where necessary, and a firm commitment to migration. The alternative is a costly scramble that benefits no one but the attackers.