Microsoft Extends Security Support for Windows 10 till 2028: What Businesses Need to Know

Microsoft’s decision to extend security update support for Microsoft 365 Apps on Windows 10 until October 10, 2028, marks a significant development for millions of businesses and consumers clinging to familiar operating systems. This extension, which goes far beyond the original cutoff for Windows 10 itself, addresses an issue at the heart of the modern enterprise: balancing the urgent demands of cybersecurity with the logistical and financial realities of large-scale OS migrations. As both IT departments and everyday users navigate this phase, the move raises both relief and new questions about long-term risk, productivity, and the ever-tightening interplay between software and hardware cycles.

Microsoft 365 Apps: Lifeboat for Reluctant Migrators​

Microsoft’s support lifecycle is notorious for its strict deadlines; the company insists that regular upgrades are essential for security, functionality, and, ultimately, customer satisfaction. Originally, support for Microsoft 365 Apps on Windows 10 was set to expire in October 2025, aligning with Windows 10’s end-of-life (EOL) date. This would have forced millions to accelerate their transition to Windows 11 or face the vulnerabilities and instability of unsupported software.
Instead, in a move reflecting both customer pressure and market realities, Microsoft announced that it will furnish security updates for Microsoft 365 applications—including Word, Excel, PowerPoint, and Outlook—on Windows 10 through October 10, 2028. This gives organizations—especially those with entrenched legacy systems or hardware constraints—additional breathing room to strategize, budget, and deploy their upgrade paths.

What’s Included—And What Isn’t​

• Security Updates: Essential patches to shield users from malware, vulnerabilities, and cyberattacks will remain available to all Microsoft 365 subscribers for three years following Windows 10 EOL.
• Support Scope: Users can continue to open support cases relating to Microsoft 365 Apps, but only limited troubleshooting and guidance will be provided. If a technical problem is rooted in components dependent on Windows 10 or its kernel, guidance will often be restricted to basic suggestions, and complex issues may go unresolved.
• No New Features or Major Bug Fixes: Full support—including feature enhancements and in-depth bug fixing—still requires Windows 11. Those staying on Windows 10 must accept a static, security-focused experience, with no prospect of substantive new Microsoft 365 capabilities.

Microsoft’s support documentation is categorical: “Although apps such as Word will continue to work after Windows 10 reaches end of support, using an unsupported operating system can cause performance and reliability issues when running Microsoft 365 Apps. If your organization is using Microsoft 365 Apps on devices running Windows 10, those devices should move to Windows 11,” the company states.

The Windows 10 Conundrum: Market Reality Versus Migration Mandate​

Despite relentless promotion and the technological advances in Windows 11, the Windows 10 user base remains substantial. As of spring 2025, data from Statcounter places Windows 10 at approximately 53% of all Windows desktop installations globally, while Windows 11 sits at 44%. For enterprise IT teams, this signals a monumental migration yet to be undertaken; for Microsoft, it reflects the complex inertia that pervades major platform shifts.
Upgrades are rarely straightforward. Windows 11’s hardware requirements—such as the necessity for TPM 2.0 chips and certain CPU generations—pose non-trivial hurdles for older fleets. Licensing costs, retraining staff, software compatibility checks, and comprehensive device management all raise formidable barriers.

Financial and Logistical Calculus​

For organizations unable or unwilling to rush into Windows 11, Microsoft’s Extended Security Updates (ESUs) for Windows 10 will offer a lifeline. The program, similar to that offered for Windows 7, permits companies to receive critical security fixes post-official support. ESUs for Windows 10 will run up to three years for commercial customers and a single year for consumers. The price, notably, is progressive: $61 per device in the first year, doubling each subsequent year—a model designed to dissuade complacency and nudge migration forward.

• Year 1: $61 per device
• Year 2: $122 per device
• Year 3: $244 per device

While these costs are marginal for small deployments, they can quickly escalate into six- or seven-figure sums for enterprises running thousands of endpoints. Moreover, ESUs do not unlock new functionality or guarantee all core features will perform as expected forever—they are a “last resort” strategy, not a substitute for updating to a supported platform.

Critical Analysis: Strengths and Strategic Implications​

Strengths of the Extended Support Model​

• Risk Containment: Security remains the top priority, and providing Microsoft 365 security updates on Windows 10 until 2028 ensures that late migrators aren’t left entirely vulnerable. This reduces the risk profile for organizations that can’t immediately switch.
• User-Centric Flexibility: Many industries, especially healthcare, education, and manufacturing, depend on specialized Windows 10 software or hardware that cannot be easily replaced. Microsoft’s approach acknowledges these practical constraints.
• Predictable Roadmap: By specifying exact cutoff dates and costs, Microsoft enables CIOs and IT managers to budget and plan transitions with greater clarity.

Potential Risks and Weaknesses​

• False Sense of Security: Relying exclusively on security updates while forgoing newer OS improvements overlooks other vital aspects of platform health, such as performance, reliability, and evolving security paradigms. Running Microsoft 365 Apps on an unsupported OS may introduce subtle instabilities and degrade user experience over time.
• No Feature Innovation: As Windows 10 stagnates, Microsoft 365 apps will stagnate on it as well. Organizations will miss out on productivity and collaboration enhancements tailored for Windows 11, potentially eroding competitiveness.
• Limited Technical Support: Even with ESUs and basic troubleshooting, organizations may confront complex compatibility issues that Microsoft will decline to solve. Bugs tied to Windows 10’s architecture or outdated drivers could become unfixable liabilities.
• Escalating ESU Costs: Large organizations delaying migration face rapidly ballooning ESU fees, turning short-term cost relief into a medium-term budgetary crisis.

Transition Planning: How Organizations Should Respond​

Inventory and Assessment​

Start with a comprehensive audit of both hardware assets and mission-critical software dependencies. Determine which devices can be upgraded to Windows 11 with modest investments, and which legacy systems require full replacement or virtualized alternatives.

• Hardware Compatibility Checks: Intel 8th-Gen/AMD Ryzen 2000 CPUs and newer are required for Windows 11. Devices lacking Secure Boot or TPM 2.0 must be phased out or segregated.
• Application Testing: Evaluate in-house apps and third-party solutions under Windows 11, prioritizing those with known compatibility concerns.

Budgeting for ESUs and Migration​

Design a phased migration plan that aligns with operational priorities and risk tolerance. Use Microsoft’s clearly defined ESU cost escalation as a motivator:

Year	ESU Cost Per Device	Cumulative Cost (Per Device)
Year 1	$61	$61
Year 2	$122	$183
Year 3	$244	$427

Prepare for gradual device retirement, repurposing, or redeployment. Consider re-investing in hardware that ensures support for both Windows 11 and future Windows editions.

Change Management and Training​

Moving to Windows 11 involves more than technical tweaks; it requires user engagement and adaptation. Training programs, clear communication, and visible IT support help minimize friction and maximize enthusiasm for new features—especially those tied to productivity and security.

• Security Protocols: Reinforce the necessity of security hygiene during the overlap period. Even with app-level updates, OS-level exposures linger.
• Feature Awareness: Make users aware of advanced Microsoft 365 features only available on Windows 11, fostering anticipation rather than resistance.

The Broader Ecosystem: Vendor Response and Market Dynamics​

Microsoft’s decision influences independent software vendors (ISVs), hardware partners, and industry regulators. Many third-party vendors will align their roadmaps based on these extended support timelines, but some may accelerate their pivot toward Windows 11 exclusivity. Enterprises relying on niche applications may find themselves exerting pressure on smaller ISVs to delay de-supporting Windows 10, driving a fragmented support landscape.
Meanwhile, regulators—especially in critical sectors—may issue their own guidelines as to what constitutes “supported” versus “at-risk” deployment, further complicating compliance for organizations navigating overlapping mandates.

Hardware Refresh Cycles​

The protracted support window for Microsoft 365 Apps will likely delay but not remove the necessity of hardware upgrades. As device makers focus on Windows 11 certification and advanced silicon features, aging Windows 10 machines will gradually lose ecosystem compatibility, further incentivizing hardware refreshes. Organizations should use the migration window for strategic procurement: acquire PCs that meet not only today’s requirements but are also aligned with Microsoft’s long-term hardware vision.

Security Paradigm: Beyond Patch Delivery​

It’s vital for IT leaders not to misinterpret extended support as a green light to relax vigilance. The threat landscape evolves rapidly, and the most effective defense involves layered security: modern operating systems, timely application updates, robust endpoint protection, and user education. Security updates for Microsoft 365 Apps address application-layer flaws—but if Windows 10 itself becomes increasingly vulnerable to kernel-level exploits or rootkits, no document patch can fully compensate.
Security experts widely recommend migrating to a fully supported OS as soon as practical. While Microsoft’s extension is “better than nothing,” it should not encourage complacency. The company itself is unequivocal: unsupported operating systems are susceptible to “performance and reliability issues,” and, by implication, higher breach risks.

Consumer Perspective: Short-Term Relief, Long-Term Decisions​

For individual users and small businesses, the extension provides temporary continuity. Those with older hardware incompatible with Windows 11 get an extra three years to plan their next steps. However, after October 2028, even this reprieve ends: Microsoft 365 Apps on Windows 10 will operate entirely at users’ own risk, with neither security updates nor support of any kind.
Choices for these users include:

• Upgrading PC hardware to enable Windows 11 compatibility.
• Exploring alternative platforms, such as non-Windows productivity suites or cloud-based solutions accessed from non-PC devices.
• Accepting reduced risk tolerance for non-critical workflows, especially for home use or isolated, offline scenarios.

Conclusion: Navigating a Managed Sunset​

Microsoft’s extension of security updates for Microsoft 365 Apps on Windows 10 until 2028 is both a concession to customer reality and a calculated way to ensure that adoption gaps do not become security nightmares. The phased, escalating ESU strategy sends a clear signal: time will not stand still, and the cost of clinging to outdated operating systems will rise each year.
For CIOs, IT administrators, and everyday users alike, the updated timeline offers a buffer to make sound, orderly decisions—choices that must balance technical constraints, budget pressures, user expectations, and ever-present security imperatives. But the message is unmistakable: Windows 11 is the standard, and all roads—eventually—must lead there.
Organizations and individuals should see Microsoft’s move not as a permanent reprieve, but as a final opportunity to align their workflows, assets, and security posture with the modern Windows ecosystem. As 2028 approaches, the imperative for transition will only grow more urgent—and the penalties for delay, more severe. The era of Windows 10, and its pivotal role as the foundation for global productivity, is winding down—with one last, carefully managed sunset in view.

---

Source: Petri IT Knowledgebase Microsoft 365 Apps to Get Security Updates on Windows 10 Until 2028