Microsoft has officially confirmed that Windows 10 users will have the option to purchase Extended Security Updates (ESU) through October 12, 2027. The announcement, revealed via a support document update, marks a significant expansion of the ESU program to individual consumers for the first time. Previously available only to organizations, the paid service allows Windows 10 version 22H2 devices to continue receiving critical security patches beyond the October 14, 2025 end-of-support deadline—provided users sign in with a Microsoft account.

The move comes as millions of devices still run Windows 10, despite Microsoft's push for Windows 11 adoption. With Windows 10 holding a dominant 60%+ share of the PC market, according to recent analytics, the extension addresses a significant security concern for users who cannot or will not upgrade. The consumer ESU program offers a temporary but crucial bridge, ensuring that security vulnerabilities discovered after October 2025 do not leave these machines exposed.

What Changed: From Business-Only to Consumer Inclusion

The Extended Security Updates program is not new; it has been a staple for enterprise customers for years. Under the traditional model, organizations running outdated Windows versions could pay for continued security updates, often at a per-device cost that escalated annually. Microsoft extended a similar offer for Windows 7 to businesses and even offered a limited free version for some consumers using assistive technologies. However, the formal inclusion of individual consumers in a paid ESU program is unprecedented for a currently supported operating system that is approaching end of life.

Windows 10 version 22H2 is the final feature update for the OS. Microsoft has been clear that no new features will be developed for Windows 10, and security updates will cease entirely for unpaid users after October 14, 2025. The consumer ESU plan changes that equation, allowing home and pro users to keep their systems protected for an additional two years—until October 12, 2027. This aligns closely with the extended support timeline previously offered only to enterprise and education customers under Volume Licensing agreements.

The key differentiator is the enrolment mechanism: a Microsoft account becomes mandatory. Users will need to link their Windows 10 Pro or Home installation to a Microsoft account to purchase and manage the ESU subscription. This requirement ties into Microsoft’s broader strategy of driving user engagement with its online services and ecosystem, but it also raises questions about privacy and account management for those who prefer local accounts.

How the Consumer ESU Program Will Work

According to details Microsoft has published, the consumer ESU will be available as an annual subscription, purchasable through the Microsoft Store or online account management portals. While exact pricing has not been disclosed, enterprise ESUs for Windows 7 and Windows 10 have historically started at around $25 per device in the first year, doubling each subsequent year. If Microsoft follows a similar model, consumers could face a modest fee initially, growing to perhaps $100 or more by the final year. Some industry speculation suggests Microsoft may offer a flat, one-time fee for the full two years to simplify the process, but no official pricing has been confirmed.

Activation will require a Microsoft account sign-in on the device, and the subscription will be tied to that account—not the device itself. That means if a user reinstalls Windows or moves to a new PC, the ESU license could potentially follow the account, though Microsoft has not clarified portability details. Updates will be delivered through standard Windows Update channels, but only machines with an active subscription will receive the post-October 2025 patches. Unsubscribed devices will stop receiving any security updates, though existing critical patches released before the deadline will remain installed.

Microsoft has emphasized that the ESU program is strictly for security and critical fixes. No bug fixes, stability improvements, or technical support will be included. This is a “keep the lights on” measure, not a commitment to ongoing development. Users experiencing non-security issues will need to rely on community forums or paid support channels. The program does not extend the lifecycle of Windows 10 in terms of new feature development or driver updates; it purely provides security bulletins rated as “Critical” or “Important” by Microsoft’s Security Response Center.

Why This Matters: The Hardware Gap and Windows 11 Hesitancy

Windows 10’s end of support has been a ticking clock for many users, especially those with hardware that cannot officially run Windows 11. Microsoft’s strict system requirements for Windows 11—including TPM 2.0, Secure Boot, and an 8th-generation Intel or Ryzen 2000 processor—left a substantial portion of otherwise capable machines ineligible for upgrade. While enthusiasts have found workarounds, most consumers and businesses are reluctant to deploy unsupported installations. The result is a large installed base of Windows 10 devices that are perfectly functional but face a security cliff in October 2025.

This hardware gap is particularly acute in regions where PC replacement cycles are longer and among small businesses and home users with older but reliable computers. Microsoft’s own data suggests that over 50% of enterprise devices remain on Windows 10, and the consumer segment likely mirrors that. By offering a paid security bridge, Microsoft not only generates revenue from this massive install base but also buys time for the market to transition more naturally to newer hardware capable of running Windows 11. It’s a pragmatic acknowledgment that forcing an upgrade cycle through security fears could backfire, especially given economic pressures.

Critics argue that the requirement to purchase security updates penalizes users who cannot afford new PCs. Consumer groups have called for Microsoft to reconsider the cutoff or make basic security updates free for the first year, similar to the Windows 7 approach for assistive technology users. However, Microsoft appears to be balancing corporate profitability with a controlled migration path. The company has not announced any exceptions or free tiers for the consumer ESU program.

Pricing and Purchase Mechanism: What We Know So Far

As of now, Microsoft has kept the pricing for consumer ESUs under wraps. Enterprise ESU pricing offers a clue: for Windows 10 ESU via Volume Licensing, year one costs roughly $61 per device (for Windows 10 Enterprise), year two doubles to $122, and year three doubles again. For consumers, Microsoft might adopt a simpler tier. Some rumors point to an annual fee of $30–$50, possibly with a discount for a two-year upfront payment. Until official numbers emerge, consumers are left to speculate.

Enrolment is expected to open closer to the October 2025 deadline, perhaps a few months prior. Users will be able to purchase the ESU through the Microsoft Store app on Windows 10 or via account.microsoft.com. The transaction will require a Microsoft account, which has sparked some controversy. A vocal segment of the Windows user base prefers local accounts for privacy reasons, and this requirement forces them to either switch or abandon security updates. Microsoft has not indicated whether there will be a workaround or if local accounts will be completely shut out.

There is also ambiguity around whether the ESU covers both Windows 10 Home and Pro editions. The official language says “Windows 10 version 22H2,” implying both SKUs are eligible, but Pro users might get additional flexibility given its business orientation. In the enterprise world, ESU is typically sold for Pro and higher editions. Clarification from Microsoft is expected as the launch date approaches.

The mandatory Microsoft account linkage is not surprising, given Microsoft’s ongoing efforts to tether users to its ecosystem. Windows 11 Home already requires a Microsoft account for initial setup (though Workarounds exist), and many features—OneDrive, Microsoft 365, Xbox integration—rely on it. By making an account a precondition for ESU, Microsoft ensures that even laggard Windows 10 users become part of the account ecosystem, potentially increasing engagement with other services.

For users, the account link may simplify license management; once purchased, the entitlement could appear in the Microsoft Account dashboard, making it easy to transfer or renew. It could also allow Microsoft to enforce the one-device-per-subscription rule more effectively. However, privacy advocates note that a Microsoft account collects telemetry and usage data by default, which some users find objectionable. Whether Microsoft will provide an option to disable telemetry while retaining the ESU benefits remains to be seen.

On the technical side, the account link likely serves as a digital license check. When Windows Update fetches patches, it will validate the login session token to determine if the device is covered. This means users who sign out or switch to a local account might lose access to updates even if they have an active subscription. The design could discourage account tinkering and cement the Microsoft account as the default authentication method.

Market Impact and User Sentiment

The consumer ESU announcement has drawn mixed reactions. On forums and social media, many users express relief that they can avoid forced upgrades for a couple more years, especially those with older hardware that runs Windows 10 flawlessly. Small businesses, which often operate without dedicated IT staff, see the ESU as a cost-effective alternative to replacing entire fleets. On the other hand, some users feel Microsoft is double-dipping—charging for an operating system and then charging again for essential security updates after a set period.

Market analysts predict that the ESU program will slow Windows 11 adoption, at least in the short term. The latest data shows Windows 11’s market share at roughly 30%, with Windows 10 still commanding the majority. By providing a safe harbor, Microsoft may inadvertently extend the lifespan of Windows 10 well into 2027, fragmenting the ecosystem further. But for Microsoft, the revenue from ESUs could be substantial, potentially offsetting losses from delayed device sales. It’s a calculated trade-off.

The timing also coincides with the rumored development of Windows 12, which may not launch until 2025 or later. Keeping Windows 10 users secure until a new OS is mature could prevent a chaotic transition. In this light, the consumer ESU acts as a strategic buffer, giving Microsoft time to perfect its next-generation offering while maintaining a security net for the existing base.

Security Implications: Critical Patches Only, but Enough?

The ESU program covers only updates rated Critical or Important by Microsoft’s severity rating system. This includes patches for remote code execution, elevation of privilege, and other vulnerabilities that could lead to system compromise. It does not include low-severity fixes, non-security hotfixes, or any kind of feature enhancement. For the average home user, critical patches are often sufficient to ward off the most damaging exploits, but they may not protect against edge-case attacks or stability issues arising from non-security bugs.

Cybersecurity experts emphasize that even with ESU, users remain on an outdated platform that lacks modern security features found in Windows 11—like hardware-enforced stack protection, virtualization-based security, and enhanced malware defense. Over time, the attack surface of an unmaintained OS grows, and third-party software vendors will eventually drop support, creating further risks. The ESU is a stopgap, not a perpetual solution.

Microsoft has stated that the ESU program does not extend support for other components like Internet Explorer (already retired) or legacy Edge. Additionally, Microsoft Defender Antivirus will continue to receive updates on Windows 10 regardless of ESU status, as the antimalware service follows its own lifecycle. However, OS-level hardening and kernel patches require the ESU subscription.

How to Prepare for the October 2025 Deadline

For users considering the ESU path, now is the time to plan. First, verify that your device is running Windows 10 version 22H2. Older versions will need to upgrade to 22H2 to be eligible. Microsoft will continue providing free updates for 22H2 until October 14, 2025, so there is no immediate rush, but ensuring the latest updates are installed is wise.

Second, create a Microsoft account if you don’t already have one, and consider linking it to your Windows 10 installation ahead of time. This will streamline the ESU purchase process when it becomes available. Be prepared to pay an annual fee; budget approximately $30–$100 per device per year, though exact figures remain unknown.

Third, evaluate whether a Windows 11 upgrade is feasible. If your hardware meets the requirements and you are comfortable with Windows 11, a free upgrade might be a more cost-effective long-term solution. However, if your hardware is incompatible or you rely on legacy software that doesn’t work on Windows 11, the ESU may be your best option.

Finally, keep an eye on official Microsoft communications. The company will publish a dedicated ESU FAQ page and likely send reminders through the Windows Update interface as the deadline approaches. Do not rely on third-party sellers or unofficial patches, as these may carry malware risks.

The Road Ahead: Windows 10’s Last Chapter

Microsoft’s consumer ESU offering is a pragmatic acknowledgment of real-world conditions. Not everyone can or will adopt Windows 11 overnight, and leaving a huge swath of the population unprotected would be irresponsible—both for user safety and for the broader internet ecosystem. By monetizing security patches, Microsoft creates a win-win: continued protection for those who need it, and a revenue stream that justifies the engineering effort.

Yet the program also underscores the company’s evolving business model. Software is no longer a one-time purchase but a service relationship, with recurring revenue from subscriptions and account-driven engagement. The requirement of a Microsoft account, the annual fee structure, and the clear delineation of support tiers reflect a future where OS maintenance is a continuous revenue opportunity rather than a fixed cost.

For users, the message is straightforward: you have two more years after October 2025 to plan your transition. Whether you choose to pay for security updates, upgrade to Windows 11, or even move to an alternative operating system, the countdown has begun. Microsoft has opened the bridge; it’s now up to consumers to decide how—and when—to cross it.