Windows 10 Security Updates: A Quick Reference Guide

Windows 10 Security Updates: A Quick Reference Guide

When should vulnerabilities be described as “critical”?

Microsoft labels them that way when exploitation could potentially allow code execution without any user action.

We’ll keep this in mind as Windows 10 reaches its end of life. That date is October 13, 2025. A phase of broad security updates distribution (ESU, Extended Security Updates) will then begin.

Read also: Windows 11 26H1, this thorn in the admins’ side

These updates will cover critical vulnerabilities, as well as those classified as “important.” In other words, vulnerabilities that, in broad terms, could compromise user data or processing resources.

How to access ESU for Windows 10?

ESUs will be available for devices running Windows 10 22H2 with a minimum of the cumulative update KB5466123 (November 2024).

On Enterprise editions and Pro licenses used in a commercial setting, ESUs are accessible through volume licensing programs. Enrollment via CSP partners will be possible starting September 1, 2025.

For the first time, Microsoft is opening the scheme to consumer PCs. An enrollment assistant will be available via notifications and in Settings. Currently tested within the Windows Insider program, it will roll out from July (general availability announced for mid-August).

How long will ESU last?

For businesses, ESUs are expected to last three years (through October 10, 2028).

For individuals, they will be limited to one year (through October 13, 2026).

Activation keys cannot be used before the start of the ESU period (the first update is scheduled for November 11, 2025).

How much does it cost?

ESUs are purchased annually, per device.

In business, the price for the first year is the same as with Windows 7: $61 per machine. It will double in year 2 ($122), then again in year 3 ($244).

Read also: Agent 365: towards a new Microsoft business model

A 25% discount is offered to those using a cloud-based solution—Intune or Autopatch, for example—to manage Windows updates.

In education, Microsoft applies a specific rate: $1 per device in the first year, $2 in the second, and $4 in the third.

For consumer PCs, two options will be offered:

  • Use Windows Backup to sync settings to the cloud
  • Pay $30
  • Pay with Microsoft Rewards points (1,000 points)

Anyone joining mid-program will need to pay for the preceding years (ESUs are cumulative).

ESUs do not include technical support, except in cases where they would cause regressions.

Free with Windows 365 and Azure VMs

ESUs are free and automatically activated for Windows 365 virtual machines and for those linked to services such as:

  • Azure Dedicated Host
  • Azure VMware Solution
  • Nutanix Cloud Clusters on Azure
  • Azure Local
  • Azure Stack Hub
  • Azure Stack Edge

They are also free for devices running Windows 10 that access Windows Cloud PCs running Windows 11 via Windows 365 or Azure Virtual Desktop.

A special treatment for Defender antivirus and Microsoft 365 apps

With or without ESU, Defender antivirus will receive updates through October 2028.

The same deadline applies to Microsoft 365 apps, which will receive feature updates up to the release of version 2608:

  • August 2026 on the current channel
  • October 13, 2026 on the enterprise monthly channel
  • January 12, 2027 on the enterprise semi-annual channel
Dawn Liphardt

Dawn Liphardt

I'm Dawn Liphardt, the founder and lead writer of this publication. With a background in philosophy and a deep interest in the social impact of technology, I started this platform to explore how innovation shapes — and sometimes disrupts — the world we live in. My work focuses on critical, human-centered storytelling at the frontier of artificial intelligence and emerging tech.

© 2025 Dawn Liphardt