No more security patches for Windows 10 as of today. Small businesses must upgrade, pay for extensions, or risk compliance failures and breaches.
What’s happening: Microsoft officially ended support for Windows 10 on 14 October 2025. The company will no longer provide security updates, bug fixes, feature updates, or technical support for the operating system. Research indicates 38% of Australian computers still ran Windows 10 between July and September this year.
Why this matters: Computers running Windows 10 will continue to function, but without continued software and security updates, devices face greater risk for viruses and malware. Attackers often target SMEs, viewing them as easier prey due to perceived weaker defences compared to larger organisations.
The clock has run out on Windows 10. After a decade of service, Microsoft has closed the door on technical assistance, feature updates, and security patches for an operating system still running on millions of business devices across Australia. For small and medium enterprises, the implications are immediate and costly.
Without continued software and security updates, computers will be at greater risk for viruses and malware. Unlike larger organisations with dedicated IT departments and sophisticated security infrastructure, most SMEs lack the internal expertise and resources to manage complex transitions or absorb the impact of a cyberattack.
Attackers often target SMEs, viewing them as easier prey due to perceived weaker defences compared to larger organisations. This makes the security implications of remaining on unsupported systems particularly acute for smaller businesses operating on tight margins.
More than 1.4 billion devices globally currently operate on Windows 10. According to digital workplace platform TeamViewer, 38% of Australian computers using that software ran on Windows 10 between July and September this year. Many of these belong to small businesses that have delayed the upgrade decision.
The security risk isn’t theoretical. Businesses still running Windows 10 past the cutoff date will no longer receive security updates, making systems vulnerable to cyberattacks, and may fall out of compliance with industry standards.
Three paths forward
Microsoft has outlined three options for businesses facing the deadline. The first involves upgrading existing hardware to Windows 11, provided devices meet minimum system requirements. Business owners can check eligibility through Settings, Update & Security, then Windows Update.
The second option requires purchasing new devices with Windows 11 pre-installed. For SMEs, this represents a significant capital expenditure that may not have been budgeted. However, it addresses the challenge many face: hardware incompatibility with the newer operating system.
The third path involves Microsoft’s Extended Security Updates program. Extended Security Updates for organisations and businesses on Windows 10 can be purchased through the Microsoft Volume Licensing Program, at $61 USD per device for Year One. Commercial organisations will need to pay $61 per device per year, with the price doubling every consecutive year.
For small businesses operating multiple devices, these costs accumulate rapidly. A business running ten Windows 10 computers would pay $610 for just one year of extended support, with no long-term solution in place.
Your action plan
The immediate priority for SMEs involves conducting a hardware audit. Business owners need to identify which devices can support Windows 11 and which require replacement. This assessment determines both the timeline and budget required for compliance.
For devices that cannot upgrade, the calculation becomes stark: invest in temporary ESU coverage or replace hardware entirely. The decision depends on device age, replacement costs, cash flow, and business continuity requirements.
SMEs without dedicated IT staff should consider engaging external consultants to manage the transition. The cost of professional guidance may prove less expensive than the downtime and security incidents that result from poorly executed upgrades.
The transition period also presents an opportunity to strengthen overall cybersecurity measures. Small businesses should review their backup systems, implement multi-factor authentication, train staff on security protocols, and ensure antivirus software remains current alongside any operating system changes.
Business owners must also communicate with software vendors to confirm applications will continue functioning on Windows 11. Some apps may stop working, hardware drivers may no longer receive updates, and peripherals might not work correctly. Discovering compatibility issues after upgrading creates operational disruption that small businesses can ill afford.
The real cost of waiting
The support deadline creates complications beyond immediate security concerns. Businesses that don’t upgrade will face compatibility issues with modern software and hardware, resulting in lost productivity, and will find it hard to comply with changing data protection regulations.
For Australian SMEs, regulatory compliance adds another dimension. Businesses handling customer data may find themselves unable to meet privacy obligations while operating unsupported systems. The reputational and financial damage from a data breach often exceeds the cost of upgrading.
Over time, the accumulated issues make everyday business operations increasingly difficult. Software vendors stop supporting applications, new peripherals refuse to connect, and security vulnerabilities multiply. What begins as a manageable inconvenience escalates into an operational crisis.
The ESU program offers breathing room but represents a temporary solution with escalating costs. Microsoft will no longer deliver routine technical assistance or the regular monthly security patches that kept the decade-old operating system current, a move that forces businesses to make decisions.
For small businesses, the window for preparation has effectively closed. The question now centres on managing the transition while maintaining security, operational continuity, and cash flow. Those who continue operating Windows 10 devices without extended security updates accept increased vulnerability to cyber threats, potential compliance issues, and diminishing software compatibility.
The deadline has arrived. Small and medium enterprises face a choice that directly impacts their ability to operate securely and compete effectively. The cost of inaction may prove far higher than the price of upgrading.
Keep up to date with our stories on LinkedIn, Twitter, Facebook and Instagram.
