Microsoft Extends Windows 10 Security Updates for Consumers Through October 2027
Microsoft has extended the Windows 10 Extended Security Updates program for consumers by an additional year, now covering critical patches through October 12, 2027.
Microsoft has quietly extended its Windows 10 Extended Security Updates (ESU) program for consumers, pushing the deadline for critical security patches to October 12, 2027. The move adds a full year beyond the original October 2026 cutoff, reflecting the reality that millions of users have not yet migrated to Windows 11. Windows 10 reached its official end of support on October 14, 2025, leaving unpatched devices exposed to vulnerabilities and zero-day attacks.
The ESU program covers Windows 10 version 22H2 for Home, Professional, Pro Education, and Workstations editions. It provides only critical and important security updates as classified by the Microsoft Security Response Center (MSRC). Feature updates, product enhancements, and technical support are not included. The sole purpose is to reduce exposure to malware and cyberattacks during the transition period.
Microsoft offers three enrollment tiers for the consumer ESU program. Users with PC Settings Sync (Windows Backup) enabled can enroll for free. Alternatively, 1,000 Microsoft Rewards points can be redeemed for enrollment. A one-time purchase of $30 (plus applicable taxes) covers up to 10 devices under the same Microsoft account, making it a cost-effective option for households with multiple Windows 10 machines.
To qualify, devices must be running Windows 10 version 22H2 with the latest updates installed prior to enrollment. The Microsoft account used must have administrator privileges and cannot be a child account. Devices in kiosk mode, joined to an Active Directory domain, or enrolled in a Mobile Device Management (MDM) solution are ineligible for the consumer ESU program.
Enrollment is straightforward: navigate to Settings > Update & Security > Windows Update. If the device meets all prerequisites, an "Enroll now" option will appear under the end-of-support notification. Users signing in with a local account will be prompted to authenticate with their Microsoft account to complete enrollment. Already-enrolled users need not take any action; their coverage automatically continues through the new end date.
Security professionals and IT administrators should treat this extension as a temporary risk-mitigation measure, not a permanent solution. Unenrolled devices running Windows 10 remain highly vulnerable to exploitation, ransomware, and zero-day attacks without active patch coverage. Organizations managing enterprise deployments should evaluate the commercial ESU pathway or accelerate Windows 11 migration planning to avoid compounding technical debt and security exposure.
The extension comes as Microsoft faces pressure to support a large installed base that has been slow to adopt Windows 11, partly due to stricter hardware requirements. While the ESU program provides a bridge, it does not address the underlying need for a modern, supported operating system. Users are encouraged to plan their migration to Windows 11 or consider alternative options to ensure long-term security.
Microsoft has now confirmed that the free ESU coverage will auto-renew for already-enrolled users, eliminating the need for manual re-enrollment. The extension, quietly documented in Microsoft's ESU support pages, gives consumers continued patch support through October 12, 2027, a full year beyond the originally announced end date.