Microsoft offers free Windows 10 security updates, but only for consumers

Microsoft’s latest Windows 10 Extended Security Updates announcement reveals a telling double standard: while home users get multiple free pathways to maintain security beyond the October 2025 deadline, enterprises face the same expensive pay-or-migrate ultimatum.

The software giant announced in a blog post that individual consumers can secure an additional year of Windows 10 security updates for free, either through Windows Backup, or by redeeming 1,000 Microsoft Rewards points. They also have the option to access the updates by paying a $30 fee.

Meanwhile, businesses must still pay $61 per device for first-year coverage, with costs doubling annually thereafter, and there are no pathways to free access.

“ESU coverage for personal devices runs from Oct. 15, 2025, through Oct. 13, 2026,” Microsoft said in its blog post. But businesses? They’re still looking at the same three-year, escalating fee structure with no free alternatives.

Industry experts see Microsoft’s approach as strategic pressure rather than customer accommodation.

“This fee is a nudge towards Windows 11 and confirms that the vendor has a firm intention to see enterprise customers moving to Windows 11,” said Dario Maisto, senior analyst at Forrester Research.

Enterprise reality: Same expensive options, different messaging

Microsoft first launched its Windows 10 Extended Security Updates program in April 2024 with enterprise-focused pricing: $61 per device for year one, $122 for year two, and $244 for year three. Tuesday’s announcement doesn’t change those enterprise rates.

Business options remain available through the Microsoft Volume Licensing Program, with Cloud Service Provider partners able to sell commercial ESUs starting September 1. Maisto notes this timing “should ease the impact of these measures on the vendor’s cloud services revenue strategy.”

For organizations with 1,000 Windows 10 devices, Microsoft’s ESU program represents a $61,000 first-year commitment. A three-year ESU commitment totals $427,000, enough to purchase significant new hardware.

However, Maisto observes that “many organizations may rather pay the ESU subscription than make major investments in accelerating Windows 11 hardware refresh cycles,” particularly given current economic uncertainties and geopolitical volatility.

Current StatCounter data shows that Windows 10’s market share stands at 53% of the global Windows market, with Windows 11 at 43%. In enterprise environments, where hardware refresh cycles are longer, Windows 10 penetration often runs higher.

The strategic calculation and planning time

Sanchit Vir Gogia, chief analyst at Greyhound Research, warned that enterprises viewing ESU as a long-term solution are accumulating “strategic debt.” He noted that relying on ESU instead of refreshing devices may offer short-term budget relief but defers readiness for AI-era workloads.

However, Maisto pointed to a silver lining: “This additional time will give enterprises a breath to plan for Windows 11 adoption and do a proper risk assessment regarding security and compliance issues related to staying on Windows 10.”

Microsoft’s approach reflects calculated pressure: make staying on Windows 10 expensive enough to drive migration decisions, while offering consumers relief to avoid platform defection. The cloud exception for Windows 365 and Azure Virtual Desktop users proves Microsoft’s priorities — steering organizations toward higher-margin, recurring revenue streams.

Maisto noted that organizations are “trying to understand which scenario will materialize given the current geopolitical volatility,” with each organization taking “a different path depending on its risk appetite.”

Compliance gaps and enterprise risks

Extended Security Updates deliver only critical and important security patches. Even after paying $61 per device, IT departments won’t receive new features, non-security bug fixes, or technical support.

Gogia emphasized that ESU creates compliance risks beyond basic security. “Microsoft’s ESU program may keep vulnerabilities patched, but it doesn’t close the compliance gap,” he said. “Without support for evolving identity frameworks, telemetry, or zero-trust baselines, Windows 10 — even patched — is an aging platform.”

For regulated industries, the absence of advanced encryption support or newer multi-factor authentication integrations may result in failed audits. “Security updates alone do not equal a secure posture — especially in regulated sectors,” Gogia noted.

Maisto acknowledged this will “ease the pressure on organizations in these already turbulent times,” but warned each enterprise must conduct proper risk assessments when weighing ESU against immediate Windows 11 migration.

The cloud backup enterprise dilemma

Microsoft’s free consumer ESU option requires enabling cloud backup through Microsoft services — a condition that creates enterprise policy conflicts.

“Microsoft is not just offering patches — it’s offering them in exchange for cloud footprint expansion,” Gogia explained. The cloud backup requirement raises concerns for organizations managing complex data residency and encryption frameworks.

Many enterprise policies disallow external backups that bypass data loss prevention workflows. For regulated enterprises in healthcare and public infrastructure, defaulting to cloud sync may violate internal mandates.

Implementation complexity

Organizations evaluating ESU face complexity that consumer programs don’t address. Devices must run Windows 10 version 22H2, potentially requiring extensive patch management before ESU activation.

The enrollment process integrates with volume licensing systems rather than simplified consumer wizards. Enterprise IT teams must coordinate with procurement, legal, and finance departments for multi-year ESU agreements.

Most critically, Microsoft offers no technical support as part of ESU programs. Organizations paying premium prices still depend on community forums or expensive Microsoft consulting services for implementation issues.

Microsoft’s enhanced Windows 10 ESU program confirms that enterprises are expected to pay their way through the transition while consumers get multiple free options. The timing of Cloud Service Provider availability in September aligns with Microsoft’s cloud revenue strategy.

Both analysts agree the program serves Microsoft’s interests while providing enterprises limited relief. “It’s security with strings — and a subtle shift in monetization logic,” Gogia said.

For IT leaders, this represents both breathing room and continued pressure. While ESU provides time for proper Windows 11 planning and risk assessment, the escalating costs ensure that staying on Windows 10 becomes increasingly expensive each year, exactly as Microsoft intended.Is Microsoft really axing Windows 10? Here’s what you need to know – ComputerworldRead More