Microsoft’s announcement of Windows 10 End of Support (EOS) in October 2025 has left many users wondering about the future of their systems. While upgrading to Windows 11 is the recommended path, not everyone can or wants to make that transition. If you’re planning to stick with Windows 10 beyond the support deadline, it’s crucial to take proactive measures to maintain your system’s security. This guide will walk you through practical steps to keep your Windows 10 PC protected after official support ends.
Consider Extended Security Updates (ESUs)
Microsoft is offering Extended Security Updates (ESUs) as a paid service to provide critical security patches after Windows 10’s end of support. For the first time, this option will be available to individual consumers as well as organizations.
Step 1: Evaluate if ESUs are right for you. For individual users, Microsoft will offer a one-year ESU option for $30. This ensures you receive critical security updates for an additional year after the end of support.
Step 2: For businesses, ESUs can be purchased through the Microsoft Volume Licensing Program. The cost starts at $61 per device for the first year, with the price doubling each subsequent year.
While ESUs provide a safety net, they’re a temporary solution. It’s wise to consider them as part of a broader strategy to either transition away from Windows 10 or significantly harden your system’s security.
Strengthen Your Security Software
With Microsoft no longer providing regular security updates, robust third-party protection becomes even more critical.
Step 1: Install a reputable, full-featured security suite. Look for options that offer real-time protection, firewall capabilities, and frequent updates. Some well-regarded options include BitDefender, Kaspersky, and Malwarebytes.
Step 2: Enable all security features provided by your chosen software. This often includes real-time scanning, web protection, and automatic updates.
Step 3: Set up regular system scans. Configure your security software to perform a full system scan at least once a week.
Remember, no single security solution is perfect. It’s beneficial to use multiple layers of protection.
Implement Additional Security Measures
Beyond antivirus software, several other steps can significantly enhance your system’s security:
Step 1: Use a supported web browser. Browsers like Chrome, Firefox, or Edge typically continue support for older operating systems for some time. Stick to one of these and keep it updated.
Step 2: Keep all software up-to-date. Regularly check for and install updates for all installed applications, especially those that connect to the internet.
Step 3: Enable BitLocker encryption. This built-in Windows feature encrypts your entire drive, protecting your data if your device is lost or stolen.
To enable BitLocker:
- Open File Explorer and right-click on your C: drive.
- Select “Turn on BitLocker” and follow the prompts.
- Store the recovery key in a safe place, separate from your computer.
Step 4: Use a secure DNS service like Cloudflare (1.1.1.1) or OpenDNS. These services can help block malicious websites and improve your browsing security.
Step 5: Consider using a VPN for added privacy and security when connecting to public Wi-Fi networks.
Minimize Your Attack Surface
Reducing potential vulnerabilities is key to maintaining security on an unsupported system:
Step 1: Disable unnecessary services and features. Use the Windows Services manager to turn off services you don’t need.
Step 2: Uninstall unused software. Fewer applications mean fewer potential vulnerabilities.
Step 3: Use a standard user account for daily tasks. This limits the potential damage if your system is compromised.
To create a standard user account:
- Go to Settings > Accounts > Family & other users.
- Click “Add someone else to this PC” and follow the prompts to create a new account.
- Ensure the account type is set to “Standard User”.
Step 4: Show file extensions. This helps identify potentially malicious files masquerading as harmless documents.
To show file extensions:
- Open File Explorer and click on the “View” tab.
- Check the box for “File name extensions”.
Practice Safe Computing Habits
Your behavior is a critical component of system security:
Step 1: Be cautious with email attachments and downloads. Don’t open files from unknown sources, and be wary of unexpected attachments even from known contacts.
Step 2: Use strong, unique passwords for all accounts. Consider using a password manager to generate and store complex passwords securely.
Step 3: Enable multi-factor authentication (MFA) wherever possible. This adds an extra layer of security to your accounts.
Step 4: Regularly back up your data to an external drive or cloud service. This ensures you can recover your files if your system is compromised or fails.
Isolate Your Windows 10 System
If possible, take steps to limit your Windows 10 PC’s exposure to potential threats:
Step 1: Use a separate network or VLAN for your Windows 10 device if it’s part of a larger home or office network. This can help contain potential security breaches.
Step 2: Consider using your Windows 10 PC offline for tasks that don’t require internet access. This dramatically reduces your exposure to online threats.
Step 3: For high-risk activities, use a virtual machine running a supported operating system. This isolates potentially dangerous operations from your main system.
While these steps can significantly improve your Windows 10 security after the end of support, remember that using an unsupported operating system always carries some risk. Regularly reassess your security measures and consider upgrading to a supported OS when feasible. Stay vigilant, keep your critical data backed up, and be prepared to adapt your security strategy as new threats emerge.