What Happens When Windows 10 Reaches End of Life?

Infopackets Reader Dennis J. writes:

" Dear Dennis,

What happens when Windows 10 reaches end of life after October 14, 2025? My computer isn't compatible with upgrading to Windows 11. Will I still be able to operate using Windows 10 safely? I have MalwareBytes but I don't understand these things. I'm retired, and just shy of 80, and can't afford a new computer this year. I'd appreciate your advice thank you. "

My response:

Thanks for your question.

As you mentioned, after October 14, 2025 your Windows 10 PC will no longer receive security updates.

One option is to pay Microsoft for Extended Support to continue patching, but this is not a long-term solution (extended support has lasted 1 year in the past). Beyond that, if you continue running an unsupported and unpatched Windows 10, you will be playing a losing game of chicken especially when it comes to operating system exploits in the wild (also known as "zero-day exploits").

What Happens with a Zero-day Exploit?

If your system is unsupported / unpatched, most likely what will happen next is that bots (automated programs) will start sniffing for a way into your system (using an exploit); once they are in, malware will be deployed and remote code will be executed (i.e., malware gets uploaded to your system and is run). At this point, your system will be infected. All this can happen just by having the machine connected to the Internet, even without you doing anything.

This has been noted many times in the past, especially Windows XP which did not utilize User Access Control (i.e., request administrative access rights) before executing binaries. The article below illustrates my point exactly and also includes link to a video:

https://www.xda-developers.com/connected-windows-xp-internet-didnt-survive-long/

Botnets, Ransomware and Remote Access Galore - Oh My!

When it comes to a zero-day exploit with remote code execution, the type of malware deployed to your system would most likely result in a botnet, ransomware or remote access Trojan(s) infection, or a variation.

In the case of a botnet: your system will be controlled remotely (along with hundreds of thousands of other infected machines), where it will be used in email spamming, click fraud, and distributed denial of service campaigns.

In the case of ransomware: all your files will be encrypted and unreadable. The only way to get the data back is to pay hefty sums (READ: thousands of dollars) to gangs of ransomware cyber criminals with no guarantees of getting your data back, and certainly no way to prevent another ransomware occurrence from happening in the future because your system is already unpatchable. You would be absolutely stupid to think that it wouldn't happen again if you kept on keepin' on.

In the case of a remote access Trojan: scammers will be able to connect to your machine remotely and watch your every move, including recording your keystrokes, which includes passwords and credit card numbers. This will also inevitably lead to the draining your bank accounts and identity theft.

Real Word Scenario: I Recently Discovered a Cyber Criminal Gang in Moldova

I have personally worked on cases like this - in fact, I just worked on one last week where scammers from Moldova had infected a victim's machine.

Once in, they monitored him (Joe) and then ordered a batch of checks in the victim's name (who lives in Florida) and had them delivered to Michigan, where they tried to cash multiple $4,000+ checks repeatedly. Quite shockingly, the bank downplayed the threat after Joe was notified checks were delivered to another mailing address not his. He ended up changing his bank accounts, which was the right move. In a strange twist, he then received a letter from the bank that checks in his name were bouncing left, right, and center. No shit!

The same group of scammers also infected a friend of the victim a few months prior (Jackie); in this case, Jackie had extremely lax security on her browsers, including auto browser logins to her bank accounts without any challenge or time-outs to prevent auto-fill. They got in to her bank and tried to transfer out $6,000+ repeatedly from her accounts.

The scammers were able to extend their reach because once they gained access to Joe's machine, they started sending emails (in Joe's name) to others on his email contact list asking recipients to look over an "invoice," which was in fact hidden remote access that allowed the scammers into more new machines.

(For those wondering, I was able to determine the cyber criminals were in Moldova because they installed ScreenConnect - the same software I use to connect to my clients remotely. I analyzed the ScreenConnect installation files to determine the location of the ScreenConnect server, which pointed back to Moldova in both Joe's and Jackie's cases).

If these scenarios don't sound like a good option for you, then I suggest changing out the PC hardware.

Here's why -

No Security Software Can Patch an Unsupported OS 100%

This will surely be debated in the comments, but I will tell you unequivocally: no security program (Malwarebytes, antivirus, firewall, etc) will stop a zero-day exploit - whether your system is still supported or not - because by nature, a zero-day exploit means that there are currently no fixes.

On the other hand, a permanent zero-day exploit means that there will never be a fix, which is often the case for operating systems that do not receive security updates - including an unpatched and unsupported Windows 10 post October 14, 2025. Hoping for some kind of third-party workaround is simply playing Russian Moldovan roulette with your data and finances.

As I mentioned already, depending on the severity of the exploit, scammers may be able to remotely connect to and control your machine without you even knowing. Does it mean you will be infected the moment a zero-day exploit is discovered? No, but it could happen.

Some people reading this article will say "I've used an out of date OS and never been infected!". Well, good for you - pat yourself on the back for a job well done (you may already be infected and not know it) - but I'm not taking any chances, and for me to recommend otherwise would be asinine.

Here is yet another news article to back up what I said:

https://www.bitdefender.com/en-us/blog/businessinsights/new-windows-zero-day-exploited-in-the-wild-no-patch-in-sight

Option #1: Use Linux

All of this doom and gloom isn't meant to scare you. It's simply a reality.

One long-term solution is to change the operating system to one that is up to date and doesn't require TPM (trusted platform module, which is a requirement for Windows 11 that most pre-2018 machines don't have).

In this case, Linux is a good choice - Ubuntu and variants are very popular choices. I personally like AlmaLinux because I'm a CentOS (Redhat) guy.

There are lots of YouTube videos explaining how to install Linux if you've never done it before. As always, backup the system prior to making major changes like this because this can go sideways.

Linux is not Windows

As the header above suggests, Linux is most definitely NOT Windows and there is a steep learning curve involved, especially when it comes to using the shell or managing operating system components.

Based on my experience of 24 years of using Linux, I can tell you that:

More often than not, trying to install something on Linux can break because it requires dependencies that may not have been included (or are missing on your flavor of Linux), which almost always requires some investigative work using the Linux shell. In most cases, using the Linux shell will require some deep understanding of how Linux works. Probing questions using AI can help.

Troubleshooting Linux (in terms of patching / fixing dependencies) means lots of Googling and wading through oodles of pages written in ultra Linux-speak, then manually locating and patching the appropriate dependencies and trying to patch whatever it is you were originally trying to patch again. If it fails, well, you might have a nice mess to clean up and your 'patch job' may have also broken other dependencies which will most definitely cause you to swear. Ask me how I know.

And, because Linux is not Windows, you won't be able to use the programs you normally use - unless you use a Windows emulator like Wine - but there is no guarantee it will work 100%, even if the program has been ported to Linux (without an emulator required).

You certainly won't be able to play games properly even with Wine because Wine is emulating Windows, which is going to slow things down considerably. Also, video card drivers probably won't work properly under Wine.

Yes, Linux is Good Enough if All You Do is Browse and Email

Some may argue Linux is good enough for browsing the web and reading emails, and if that's all you do, great - use Linux and be done with it and pray you never have to manually patch anything.

For me: ain't nothing like the real thing baby - I'll take a fully supported and patched Windows, thanks. I've been using Linux since 2001 and program scripts in the Linux environment daily, but still prefer the awesomeness and ease-of-use of Windows.

There's a reason why Windows is used as much as it is world-wide. It just works. Most people use Windows because Windows is easy to use and there is a ton of software for it.

It all makes sense.

Option #2: Get a New / Used Windows PC and Port Your Data - I Can Help

Another long-term solution is that you can get a good, used PC off eBay that can run Windows 11. Be careful here because not all PC's are equal. Some are faster than others, some (like 13th and 14th gen Intel processors) may self-destruct.

If you're not sure what to get, I can make a recommendation for you - one that is more than adequate and that will be plenty fast - I'm not only an all around computer genius, I'm also an extreme hardware nerd.

I can also build you an exceptional, custom PC and ship it to your door. In either case, send me an email if this interests you - kindly note that fees apply if you want my assistance even if it's recommending a used system 'cause that takes time to research and acquire availability. This also depends on your budget.

Once you receive your new system, I do all the heavy lifting, including remotely transfer all of your data from the old PC to the new one and set up backups and customize anything else you might need. My technical support service is unparalleled - just look at the reviews here.

I would like to note that I am Better Business Bureau A+ accredited with zero complaints and have been in business now for 24 years at the time of writing this article. Read all about my awesome credentials here. Read my BBB reviews here, including a testimonial by Joe that was recently hacked by Moldovan cyber criminals.

Option #3: Pay for Extended Support (for a year?)

As one user mentioned in the comments: another short-term option is to pay for extended support at a cost of $30 per device.

At the time of writing, how long the extended support will last is yet to be determined as I can't find a clear-cut answer. Previous editions of Windows were offered 1 year of extended support as a courtesy to users who are in a pinch, but you are going to face the same problem later: having an unsupported system. In that case, everything else I've said in this article still holds true.

Final Option: Live Dangerously and Ignore Everything I've Said

If you have no intentions of heeding any of my advice and wish to keep on truckin' with an unsupported Windows 10 when that day inevitably comes, then the absolute minimum you should do is make regular backups of your machine and keep those backups offline, meaning that the hard drive that stores your backups should NOT be attached to your machine in case your system is compromised.

You should also practice reverting your data so there aren't any surprises - there's no worse feeling than attempting to do a restore and having the restore fail.

Tips: keep multiple backup sets, test the backups and rotate the backups. Use multiple backup drives if possible in case one of your drives die. Disk images are your friend. But it's all easier said than done if you're not familiar with these concepts.

Once again, if you need help with this, I can assist remotely and by phone. I am more than thrilled to answer all of your questions and concerns. Send me an email if you want my assistance. Please note that fees apply - I don't work for free.

Lastly: don't complain if your Windows 10 gets compromised if it is no longer supported, because, well, you asked for it. If it does happen, expect it to happen again and again because most break-ins are automated by bots that will probe your machine 24/7 looking for a way in. I know this to be true because my web server is constantly being probed and tested by bots in China and Russia all day long, every day (at least, that's what my logs say).