On 14 October 2025, Microsoft will officially end support for Windows 10 in every market, including Australia, meaning that PCs running Windows 10 will no longer receive security updates, technical support, or vulnerability patches.
That leaves a vast portion of Australian homes, schools, local councils and small businesses exposed to unpatched security holes. Experts estimate Windows 10 still powers a significant share of global desktops, and many Aussie users lag behind in migrating due to the stricter hardware demands of Windows 11.
What does this mean in practice for Australians?
- No more patches: After 14 October, any new vulnerabilities discovered in Windows 10 will remain unpatched, giving cybercriminals easy entry points.
- Higher risk of scams and ransomware: Unsupported devices are prime targets for phishing, ransomware, and business email compromise (BEC) attacks.
- Fake update scams: Attackers may pose as Microsoft or IT support, sending fake "security updates" that actually install malware, a trend already flagged by Scamwatch, which reports Australians lost over $174 million to scams in the first half of 2025.
- Loss of compatibility: New peripherals and apps may no longer work properly on hold-out machines.
- Data exposure: Once compromised, attackers can steal files, credentials and personal information, or use your device to attack others.
Windows 10 is the second most used Windows operating system, powering roughly 46% of Windows desktops worldwide, so many homes and businesses will be exposed to unpatched vulnerabilities if they do nothing.
Avast cyber security expert Luis Corrons explains what this means for consumers and businesses, and what steps they should take to make sure their devices remain secure.
"End of support is not the end of the world, but it is the end of free safety nets. Attackers know that, which is why unpatched Windows and driver bugs become long-lived entry points," says Corrons. "It is also an opportunity for scammers. People may see fake pop-ups, upgrade offers or even get phone calls pretending to be from Microsoft."
In Australia, the scale of scam and fraud already shows how dangerous it can get:
- In the first half of 2025, Australians reported 108,305 scams, with $174 million in losses.
- In 2023–24, more than 2 million Australians were victims of card fraud, and 675,000 responded to a scam.
Imagine a scenario: a small Australian accounting firm still running Windows 10 gets targeted via a phishing email that installs ransomware, because their system had unpatched vulnerabilities. The results: business downtime, data loss, reputational damage, remediation costs.
What can people do to stay safe?
- If eligible, upgrade to Windows 11.
- If you must keep Windows 10, enroll in ESU. This is a paid option for consumers and businesses.
- Harden holdouts: keep browsers and third-party apps fully updated, remove SMB1 protocol, use a reputable security suite that still supports Windows 10, run a non-admin account, enable multi-factor authentication, and maintain offline backups.
- For businesses: run an inventory of Windows 10 endpoints, segment networks, restrict macros and unsigned drivers, turn on application allow-listing, plan hardware refresh for non-upgradable devices, and budget multi-year ESU if needed. Pricing starts around 61 USD per device for year one and increases annually.
- Beware of scams: if you receive a call claiming to be from Microsoft urging you to upgrade, or see suspicious-looking pop-up messages, stay cautious and do not engage. If your device is eligible for an upgrade, you will receive an official notification from Microsoft.
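
The "Harden holdouts" and inventory items above can be checked per machine with a short read-only audit. This is an added example, not code from Avast or Microsoft; it assumes an elevated Windows PowerShell 5.1 session on the Windows 10 device, and the output field names are made up for this illustration.

```powershell
# Added example: read-only audit of one Windows 10 machine. It changes nothing.
# Run from an elevated Windows PowerShell 5.1 prompt.

$os = Get-CimInstance -ClassName Win32_OperatingSystem

# "Remove SMB1 protocol": state of the optional Windows feature...
$smb1Feature = (Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol).State
# ...and whether the file-server side still accepts SMB1.
$smb1Server = (Get-SmbServerConfiguration).EnableSMB1Protocol

# "Run a non-admin account": is the user at the console a direct member of the
# local Administrators group? S-1-5-32-544 is its well-known SID, so the lookup
# also works on non-English systems. Membership through a nested domain group
# is not detected, and UserName is empty when nobody is logged on at the console.
$consoleUser = (Get-CimInstance -ClassName Win32_ComputerSystem).UserName
try {
    $admins = (Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop).Name
    $userIsAdmin = [bool]($consoleUser -and ($admins -contains $consoleUser))
} catch {
    $userIsAdmin = $null   # group could not be enumerated; check by hand
}

# First filter for "non-upgradable devices": Windows 11 requires a TPM 2.0,
# so a machine with no TPM at all belongs on the hardware-refresh list.
try {
    $tpmPresent = (Get-Tpm -ErrorAction Stop).TpmPresent
} catch {
    $tpmPresent = $null    # could not query the TPM; check by hand
}

# One object per machine, so results from many endpoints can be appended to a
# single inventory file with Export-Csv.
[pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    OS               = $os.Caption
    Build            = $os.BuildNumber
    Smb1Feature      = $smb1Feature    # want: anything other than Enabled
    Smb1ServerOn     = $smb1Server     # want: False
    ConsoleUser      = $consoleUser
    UserIsLocalAdmin = $userIsAdmin    # want: False
    TpmPresent       = $tpmPresent
}

# To act on an Enabled SMB1 feature (this one does change the system):
#   Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
```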