Microsoft has finally put a price tag on staying secure for the millions of Windows 10 holdouts: $30 for one year of critical patches after the operating system reaches end of support on October 14, 2025. It’s the first time the company has offered Extended Security Updates (ESU) to everyday home users, and the clock is already ticking for anyone who plans to ride out Windows 10 beyond its expiration date.

The ESU Program in Plain Terms

The Extended Security Update program isn’t new. Microsoft introduced it for Windows 7 in 2020, then again for Windows 8.1. But until now, it was a business-only affair—sold exclusively to organizations with volume licensing and a per-device price that escalated each year.

This time, things are different. In a support document updated quietly in late April 2024, Microsoft confirmed that individual consumers can purchase a one-year ESU license for $30, securing their Windows 10 PCs through October 2026. The price covers a single device and provides only security updates—no new features, no design changes, and no technical support beyond what’s in the security bulletins.

Crucially, that $30 is a fixed, upfront cost for the entire year. Businesses, meanwhile, face a more traditional tiered model: $61 per device for the first year, $122 for the second, and $244 for the third, all requiring a Windows 10 ESU license add-on for Microsoft 365 or a volume licensing agreement. Schools get a deep discount, with the first year costing just $1 per device and doubling each subsequent year.

Who Needs to Pay Attention

The announcement splits the Windows ecosystem into three groups, and each faces a distinct choice.

Home users and small-office holdouts get a clear-cut option. Pay $30, and your machine keeps receiving security patches for known vulnerabilities until October 2026. After that, Microsoft pulls the plug entirely. There’s no second year, no extension—the device will no longer be safe to use online. If your PC doesn’t meet Windows 11’s hardware requirements (and approximately 240 million PCs worldwide fall into that bucket, according to Canalys), that $30 buys you a one-year bridge to a new device.

Power users and enthusiasts who’ve resisted Windows 11 on principle—or because of UI changes, performance gripes, or compatibility concerns—must now decide whether a year of security is worth the price. It’s cheap, but it also delays the inevitable. Running an unsupported OS after October 2026 exposes you to ransomware, data theft, and zero-day attacks that will never be patched.

IT admins and organizations need to calculate the total cost of staying on Windows 10 across their fleets. The per-device ESU pricing for businesses, while steeper than the consumer fee, is often cheaper than a mass migration project in the short term. But those costs multiply quickly: a 500-PC environment opting for three years of ESU rings up at over $200,000. For many, the math will push them toward Windows 11 or virtual desktop solutions.

Why This Matters Now

The July 3 security roundup from Hackaday, which highlighted Microsoft’s ESU details alongside three other unrelated stories, serves as a blunt reminder of why timely patching is non-negotiable. In that same digest, researchers revealed that multiple LG smart TV apps were secretly running residential proxy services—turning viewers’ devices into unwitting nodes in botnets. Russian-linked threat actors were caught phishing for Signal backup keys through fake group invites. And the open-source video platform PeerTube had to rush out an emergency patch for a critical vulnerability that let attackers hijack accounts.

Each of those incidents underscores the same message: unpatched software is an open door. Windows 10, which still runs on over 60% of all Windows PCs according to Statcounter, will become exactly that kind of target the moment Microsoft stops releasing free security updates. The $30 consumer ESU isn’t about preserving your workflow or avoiding change—it’s about keeping the digital equivalent of deadbolt locks on your front door for one more year.

How We Got Here

Windows 10 was supposed to be the “last version of Windows,” a perpetual platform that would evolve through rolling updates. That vision died in 2021 when Microsoft launched Windows 11 with stricter hardware requirements, including TPM 2.0 and 8th-gen Intel or Ryzen 2000-series processors. Millions of otherwise capable PCs were left stranded.

The company has softened its stance somewhat. In early 2024, it removed the Windows 11 hardware compatibility holds for a handful of older systems, but the core requirements remain. Users can technically install Windows 11 on unsupported hardware using registry tweaks, but Microsoft warns that such devices may not receive updates and aren’t entitled to support.

The ESU for consumers is a direct response to the slow adoption of Windows 11. Despite its maturity, Windows 10’s market share has held stubbornly steady, and the looming October 2025 deadline created a public-relations risk: hundreds of millions of PCs going unpatched overnight would be a security disaster not just for their owners, but for the internet at large. The $30 program gives Microsoft a way to mitigate that risk while nudging users toward eventual upgrades.

What to Do Now

The October 2025 date may feel distant, but the steps you take today determine whether you’ll be forced into a panic purchase or a rushed migration.

If you plan to pay the $30:
- Ensure your device can still connect to Windows Update. The ESU license is delivered through the same update channel, so a broken Windows Update service will block you from getting patches.
- Backup your system before the end-of-support date. A full disk image lets you roll back if an ESU patch breaks something—and Microsoft will not offer free support for such issues.
- Mark your calendar for October 2026. There is no grace period, and no second year of consumer ESU. On that date, the device becomes a security liability.

If you’re migrating to Windows 11:
- Run Microsoft’s PC Health Check tool to see if your hardware qualifies. If it doesn’t, start researching new PCs or consider installing Windows 11 on unsupported hardware at your own risk.
- Test Windows 11 in a virtual machine or on a spare drive first. Interface changes can be jarring, and many third-party system utilities need updates.
- For businesses, begin pilot deployments now. The three-year ESU program for enterprises looks attractive, but the per-device cost compounds rapidly. A phased migration is often cheaper over the long term.

If you’re an IT administrator:
- Inventory your Windows 10 devices and classify them by hardware readiness. Machines that meet Windows 11 requirements should be scheduled for upgrade. Those that don’t can be set aside for retirement, ESU purchase, or repurposing as offline kiosks.
- Evaluate the ESU licensing path for your organization. The traditional volume-licensing route requires a Windows 10 ESU license add-on for Microsoft 365, while education institutions have a separate, deeply discounted track.
- Plan for the third-year cliff. Even with ESU, you’ll have to leave Windows 10 by October 2028 at the latest. Use that window to budget for hardware refreshes or cloud-based alternatives like Windows 365.

The Broader Security Lesson

The four stories bundled together by Hackaday—proxy-laced smart TV apps, Signal backup phishing, PeerTube’s emergency patch, and Windows 10 ESU—are not random. They illustrate how attackers exploit any neglected endpoint. The LG apps turning televisions into proxy nodes shows that every internet-connected device is a potential resource for botnet operators. The Signal phishing campaign demonstrates that even encrypted messaging’s weakest link is the human who stores backup keys insecurely. PeerTube’s last-minute scramble proves that open-source infrastructure is just as vulnerable as proprietary code.

For Windows users, the takeaway is simple: the operating system is the foundation. An unpatched Windows PC isn’t just a personal risk; it’s a stepping stone for attackers to move laterally across networks, steal credentials, and launch more sophisticated attacks. The $30 ESU fee is less about Microsoft making money (the revenue from consumers is a rounding error) and more about keeping the internet’s largest installed base from becoming a zombie army.

What Comes Next

Microsoft has not announced any plans for Windows 12, and Windows 11’s 24H2 update, due in the fall of 2024, will keep the same hardware baseline. That suggests the TPM 2.0 and processor requirements are here to stay for the foreseeable future. The company is instead pushing cloud-based solutions: Windows 365 lets users stream a full Windows 11 desktop even to older hardware, for a monthly subscription fee.

That model, if it takes off, could render the hardware debate moot. But for the tens of millions of people who use a PC as a standalone tool—no subscription, no cloud dependency—the $30 ESU is the most tangible acknowledgment that Microsoft misjudged how attached users are to Windows 10. It’s a reprieve, not a solution. And it gives you exactly one year to figure out your next move.