Yes, it can be done.
I know it’s a controversial position that not everyone agrees with, but I believe it’s quite possible to keep using Windows 10 safely after Microsoft ends its official support of the operating system.
There are two things you need to do. Both are things you should be doing already.
Using Windows 10 safely
You can still use Windows 10 safely after support ends by doing two things: practice safe computing and use good security software. Even without new updates from Microsoft, with smart habits and good tools, your PC won’t suddenly become unsafe.
Related
Internet Safety: 7 Steps to Staying Safe Online
Staying safe online doesn’t have to be overwhelming. I'll show you seven practical steps anyone can follow to protect themselves from malware, scams, hackers, and everyday digital dangers.#2374
First, practice safe computing
This is the single most important thing you need to do to keep using Windows 10 safely.
In fact, it’s something you should already be doing and should represent no additional work on your part. Windows 10 end of support is simply a reminder not to drop your guard.
What does that mean? From my most important article:
- Use good security software. (More on this below.)
- Keep your other software up-to-date.
- Secure your online accounts.
- Educate yourself.
- Secure your home and mobile connections.
- Remember physical security.
- Back up.
I’ll go one step further and say that your actions are much more important than anything Microsoft might fix in the operating system, regardless of the version of Windows. Why? More people are compromised by skimping on those things than they are by some random unpatched vulnerabilities.
In fact, most unpatched vulnerabilities require that malware make it past you to be exploited. In other words, if there is something that Microsoft doesn’t patch, your good habits are what protect you.
Related
What Security Software Do You Recommend? (2025 Q3 update)
My updated guide cuts through the hype with four no-nonsense steps to keep your PC safe. Learn what works, what to avoid, and how to stay secure without overspending or overcomplicating.#3517
Second, use good security software
I continue to recommend Windows Security (aka Windows Defender) as a solid security solution built right into Windows. It’s already there, and you may already be using it.
Microsoft has stated that they will continue to provide security definition updates for Windows Security until at least 2028. Thus, even on Windows 10, where Windows itself will not be updated after the end-of-support date, the security software will remain current.
There are also several other good security suites that you can switch to (Windows Security will step out of the way when you install them) that will continue to provide protection long after Windows 10’s end of support.
Two-step protection
The result is what I’ll refer to as two-step protection:
Related
Should You Sign Up for Extended Security Updates (ESU) for Windows 10?
I'll review the security protection for Windows 10 beyond its official end-of-support date: what it means, pros and cons, and what we know about how to get it -- perhaps even for free.#175852
- Your good habits will prevent malware from reaching your machine.
- Up-to-date security software will detect and thwart most everything else that might make it through.
Extended Security Updates (ESU)
If you intend to continue to use Windows 10 past its end-of-support date, consider signing up for Extended Security Updates.
The ESU program is nothing more than an extension of the end-of-support deadline for one year. After that year is up, you’ll simply continue as above, relying on yourself and your security software once again.
But aren’t operating system updates critical?
Keeping all your software as up to date as possible has always been important, and that hasn’t changed. However, “important” doesn’t mean “can’t live without”.
Security — all security — is about playing the odds and stacking the deck in your favor. There’s no such thing as perfection, even with Windows security updates.
Related
In Search of Perfect Security
Perfect security doesn’t exist, online or anywhere else. But you can be “secure enough.” Learn how to balance safety and convenience, make smart trade-offs, and use the right mix of tools and habits to protect yourself without making technology a burden.#21748
Looking at it a different way, all these things have to be true for something bad to happen to your computer1:
- There must be a bug in Windows.
- That bug must represent a security vulnerability of some sort.
- Hackers need to know about the bug.
- Hackers need to devise a way to exploit the bug for malicious purposes.
- There must be a way for hackers to get that exploit to you — typically as malware.
- You have to “allow” the malware onto your machine, usually through a download of some sort, including attachments.
- Your security software must miss the fact that malware has been downloaded to your machine.
- You have to “run” the malware, meaning you run a download or open an attachment.
- Your security software must miss the fact that malware is running on your machine.
Thwarting any of those items means that the malicious vulnerability will not affect you. Ongoing security updates deal only with #1, and even then, only if #2 is deemed “important enough”.
Malware still has many hoops to jump through before it impacts you.
Your job: keep your guard up for the steps you control. That means not allowing malware onto your machine to begin with and using good security software.
Related
Why I Don’t Expect a Windows 10 Apocalypse
Don't believe the FUD; your PC won’t suddenly collapse into chaos when Windows 10 support ends. With updated security tools, smart habits, and backups, you can keep using Windows 10 safely long after Microsoft stops updating it—without fear, hype, or panic.#181353
The objection
There are two primary objections to what I suggest.
- There is a theory that hackers have already discovered one or more vulnerabilities but are holding on to that knowledge until after the end-of-support date. After that date, they’ll release malware exploiting the vulnerabilities and wreak havoc.
- Some people think that Windows vulnerabilities are found so frequently that it’s inevitable that something will be discovered after the end-of-support date, and hackers will exploit the vulnerability and wreak havoc.
I don’t think hackers are disciplined2 enough for the first to have any merit. Windows 7’s end of support faced the same fear, and nothing came of it. In a way, it’s merely a subset of the second point.
As for the second, I don’t buy it. Sure, there’s a constant stream of bug fixes to Windows — we see it every “patch Tuesday” — but by and large, those a) aren’t security issues, and b) those that are rarely affect broad swaths of Windows users.
On top of that, most bugs are introduced as software is changed. Windows 10 isn’t changing anymore. The rate at which Windows 10 vulnerabilities are being introduced should be at a near standstill. The only potential concern would be vulnerabilities that have gone undetected for a long time, which by definition should be nearly none.
We have experience
As I’ve said in a few places, we’ve been here before. We have experience with exactly this scenario in two interesting and different ways.
First, when Windows 7’s support ended, there were dire predictions of both of the objections above: a previously known vulnerability to be unleashed after the end of support, and dire consequences to follow. Neither materialized.
Just as there are people who want to stick with Windows 10 today, some folks kept on using Windows 7 safely after its end of support. How? By following the two-step protection I outlined above. Some are still using Windows 7 today!
Second, some people have been running Windows 10 without updates for some time already. For various reasons — often the perception that Windows Updates are more disruptive than they’re worth — individuals disable updates. That means no updates at all, security or otherwise. They’re apparently happy with their result.
I also hear from others looking forward to the cessation of Windows 10 updates for that very reason.
Related
No, Windows 11 Is Not Forcing You to Buy a New Machine
Your old machine won’t suddenly become useless. I'll explain why Microsoft’s hardware rules aren’t a conspiracy, and what real options you have, from keeping Windows 10 to exploring Linux, without wasting good hardware.#179314
Microsoft only benefits from your fear
I’m not one to jump onto conspiracy theories, and while I don’t think this is intentional, it’s worth pointing out.
It’s in Microsoft’s best interest to let all the FUD (fear, uncertainty, and doubt) about Windows 10’s end of support go unchallenged. The more people feel they must update to Windows 11, even if that means getting a new machine, the better Microsoft (and PC manufacturers) make out.
That you can keep using Windows 10 safely isn’t a message you’re going to hear from Microsoft.
The wildcard: third-party software
One fly in the Windows 10 ointment might not be Microsoft at all. At some point, the software you use from other sources may stop supporting Windows 10.
This is another path we’ve been down previously. After Windows 7 support ended, most software from other sources kept right on working. In fact, many continue to work and be updated on Windows 7 to this day.
But not all. At various points in the years since, some software vendors have decided to stop supporting Windows 7. In most cases, though, it was several years after Microsoft’s Windows 7 support ended.
There’s every reason that the same will happen to Windows 10. In fact, I’ve heard reports of at least one software package already requiring Windows 11 for future versions.
There’s little you can do about that other than move to Windows 11, find an alternative that still supports Windows 10, or keep using the last version that still supports it.
Do this
Upgrade to Windows 11 if it makes sense for you. That means both you and your hardware are compatible with Windows 11.
If that’s not you, however, you can keep using Windows 10 safely by following the two-step process I outlined above. Those two steps should already be what you’re doing, anyway.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Footnotes & References
1: Not including non-operating-system-related stuff. For example, “something bad” could still involve phishing, which has nothing to do with Windows or Windows Security Updates.
2: Some, maybe, but relying on so many to keep a secret for that long, particularly when exploiting such a vulnerability could lead to some short-term gain, just doesn’t seem reasonable.
We have several PCs in our household that all officially do not support Windows 11. But with a modified Windows Install USB stick made with Rufus all of them now run Windows 11 without any problems so far. This seems to be safer for me than to stick to Windows 10.
My daughter tells me that she was notified by the huge and well known (US) Tax Prep company she uses will not be allowing their product to be purchased and downloaded to a Windows 10 computer starting this coming tax season.
They will only allow tax returns to be completed while online at their website. This is something that would concern her. She feels safer preparing the return while offline, then only when it is complete does she go online to send it.
I suspect other companies may do similar things and we may be “forced” to upgrade if we want to continue using all the products we are used to and like.
She can save a lot of money and hassle by using TaxAct instead. I’ve used it for over 10 years and wouldn’t use anything else. Very user-friendly interface and good online and phone support.
You’re talking about TurboTax. No need to upgrade your daily driver computer. Just create a Windows 11 bootable USB and use it for TT (many instructions online on how to do that). Or use an old computer to upgrade to Windows 11. The farce about this “security” stuff is that TT will work even if you install Windows 11 21H2 (from 2021), with no additional updates or upgrades, and with no TPM on your computer. Well, until Microsoft gets wise to this loophole.
Turbotax uses the latest end-to-end encryption. It’s just as secure as using the app.
Freetaxusa.com is great and inexpensive. (Free federal, 14.99 for state.)
25/09/25
Hi Leo, I agree that simple rules concerning daily activity on the PC would keep one’s PC secure. However, in my case I have purchased a new Windows 11 computer and use it as my main PC. Whilst my Windows 10 PC has been completely re-set to factory settings without any files being saved. I use this PC in my bedroom as a TV set watching You Tube videos only. I have downloaded the Chrome browser (not linked) and through that am using a couple of my E-mail clients which are linked of course to my iPad and main PC. I don’t intend to do many searches on the old PC, but may do some now and then whilst I am looking for videos to watch. I generally save the links to videos to watch on one of my E-mail clients and thus all I have normally to do is to click on those links through my linked E-mail client. Now my query is that if my old PC is infected somehow, would that spread to my other devices through my E-mail clients which are linked? Secondly, is there any other way that this arrangement would be a danger through the Internet and affect any of my other equipment?
I would appreciate your kind advice, and thank you for your attention.
Carl Vaz.
The majority of the risk is still covered by my recommendations in the article: practice good security. The risk, for example, is that you download a malicious attachment and run it. That’s a risk on either 10 or 11. Once malware is on either machine, there are forms of malware — fortunately now very rare — that might travel from machine to machine across your local network. Again, very rare these days. I don’t see anything particularly concerning about emailing a youtube link to yourself, though.
Hello Leo,
thank you for this article, it’s very helpful. I am not one to rush in and get the latest upgrade or the latest OS, I prefer to wait for a while until the dust settles (and the bugs are found).
You mentioned “Good Habits” in the article, but you didn’t tell us about these good habits, perhaps some folk need reminding? i.e., don’t open unknown emails, don’t click on links in strange emails, don’t download drivers from unknown sites, etc, etc.
Cheers from Australia
Dianna
See Leo’s linked article: https://askleo.com/internet-safety/
Something else to be aware of is that very few of the vulnerabilities of the vulnerabilities that MS fixes with these security updates are actually exploited or even known about in the wild. If you’re running mission critical things on your computer, then yes, upgrade to 11, but if you’re a casual home user, follow Leo’s excellent advice here and you’ll be fine on 10.
You’re mostly right, but some attacks are completely out of your control,such as drive-by downloads, zero-day exploits, and other remote vulnerabilities. Even if you’re cautious and use good antimalware software, those tools can’t catch everything. That’s why keeping your software up to date is such a critical layer of protection. It closes the holes before attackers can exploit them.
We still have a couple Win-7 machines up and running, no problems at all. What Leo advises for Win-10 applies to 7. We use free security software & Macrium Reflect. In addition to common sense and a modicum of computer savvy, we remain uninteresting. As for physical security, you can’t beat bears!
Another thing to consider if you have a PC that reportedly cannot support Windows 11 is to analyze the CMOS settings thoroughly. I have an i5 Lenovo laptop that my employer washed out of their fleet of PCs because of this issue. I found that the CMOS was set for TPM 1.2. Win11 requires TPM 2.0. By changing the setting, the PC took the upgrade without issue. Some PCs can have TPM 2.0 added with a small board available from Amazon and elsewhere. Usually run around $25. NOTE: As mentioned above, I also used a thumb drive set up with Rufus, though my only purpose was to eliminate the requirement for a Microsoft Account.
Leo, step 2 of your list was good security software. I am currently using free version of Malwarebytes. Have you posted a video where you rate which security software programs that you trust to do a good job of protecting Windows 10 computers? If so, please provide the link. Thank you
https://askleo.com/security-software-recommend/
@Dave,
The free version of Malwarebytes does not include any real time protection, it is merely a malware scanner/remover. My guess would be that you using Microsoft Defender for real time protection but you need to double check that.
That’s a good point, I checked and it does offer real time protection. Thanks
The Malwarebytes free version does not do real-time scanning. If your free version offers it, it’s probably the trial version which will eventually revert back to the “On demand only” version.
Doesn’t look like I can use Defender unless I have at least Microsoft 365 personal or higher. Correct? What is your reco for next best protection for Windows 10 PC?
Thanks
Hey Ted,
No, that is not correct. Microsoft Defender is free and available for everyone running Windows, with zero requirements. What you are talking about is a comparatively new offering from Microsoft called “Microsoft Defender for Individuals”. Microsoft Defender and Microsoft Defender for Individuals are different animals. Microsoft Defender is a free antivirus that is built into every modern Windows operating system as part of Windows Security. Microsoft Defender for Individuals provides security across multiple devices – including Mac, iOS, and Android – and, as you rightly point out, requires a Microsoft 365 subscription. It also includes several features over and above Microsoft Defender’s capabilities.
I’m pretty sure that Microsoft’s naming convention is specifically designed to confuse. 🙂
Here is a link to Leo’s antivirus recommendations: https://askleo.com/security-software-recommend/
The Defender I’m talking about is built in to Windows. Windows Security. (The “other” Defender – thanks Microsoft – is something else. Of course.)
I have an older laptop PC that I inherited from my wife when she passed away in 2019. It meets all of Microsoft’s requirements for Windows 11 except that it’s CPU is not on the compatibility list, so the Windows 11 installation fails.
I found an item on ZDNet that describes how to work around these Microsoft Windows 11 requirements at “https://www.zdnet.com/article/yes-you-can-upgrade-your-old-pc-to-windows-11-even-if-microsoft-says-its-incompatible/”.
If you want to install Windows 11 on your Windows 10 computer, both successfully, and legally, read the item linked above, and follow the directions for Option 1, providing your computer supports UEFI, it has a TPM module (version 1.2 or 2.0) enabled (recognized as present), and supports secure boot, even if it’s not enabled, otherwise you’ll have to follow the directions for Option 2.
My older laptop (mentioned above) meets the requirements to follow the directions for Option 1, so I followed the instructions carefully (I created a new registry key as directed in the article) and the Windows 11 installation went smoothly and now it’s running Windows 11 24H2 quite well, and I get all Windows Updates the same as I do on my other two computers that fully support the Windows 11 system requirements.
I hope this post helps other readers,
Ernie
I’m still using XP on one computer that I built years ago, so no worries about 10 until I can’t connect to my bank online anymore.
If you no longer can get into your banking website with XP, you can get a lite Linux distro like Mint.
The Windows 10 account that I use does not have Administrator privileges. Does that give me more protection against malware and viruses?
Yes. It adds a layer of protection by preventing adding programs or making system changes by requiring an administrator password to make those changes.
Under those circumstances, would you trust an outdated Windows 10 computer to do online banking transactions? Is it any more vulnerable that an updated machine?
I would trust such a machine, coupled with my own good habits.
If a bank does security right, and I believe all do, you can safely do online banking in an Internet cafe. I wouldn’t do it even with a VPN, but it’s end-to-end encrypted.
Slightly. Running as an administrator-capable account with UAC enabled gets you 99% of the same protection.
Yesterday on a bus, the display showing the stops crashed. The Windows 7 logo appeared. Some banks are still using Windows 7, although I believe banks have customized ESU.
I apologize, but I have forgotten what you provided as a means to stay on Windows 10 even on a machine that supports Windows 11. I have a laptop on Windows 11 which I detest and only use when I have to. I am one of those people who still use a computer that has Windows 7, but I have been slowly switching to Windows 10 on a different computer, which I have played with to look similar to Windows 7. There is no way that I can modify Windows 11 to have that look and feel that is completely supported by Microsoft. Of course, I am going against Microsoft support by staying on Windows 10. If I can find a way to avoid the automatic upgrade I would greatly appreciate it.
Regards –
How to Block the Windows 11 Upgrade and Stay on Windows 10
I got a notification a few weeks ago that I can ‘enroll’ (why would I need to enroll?) in the ESU thing. I click Enroll and in typical MS fashion, the next page was so cryptic and unrelateable, I didn’t know what to do. Now, I don’t see a clue anywhere as to how to do this.
Visit Settings -> Windows Update. Should be there.
Leo, you do excellent work.
In July 2024 the shop removed a virus from my Win 10 computer by installing Comodo antivirus. I enrolled in ESU in Aug 2025. The shop says Comodo will still work after Windows support ends.
If there is a problem, would I be able to turn off Comodo and turn on MS Defender antivirus. How would I do this?
My computer has been receiving regular Security Intelligence updates and for Malicious Software Removal Tool x64. Would these be re-activated?
Yes, once Comodo is uninstalled, Microsoft Security should kick in and start scanning in real time again.
Thanks SO MUCH for your reasoned, insightful article. It guided my decision to stay with Windows 10, for now. Hope you don’t feel like the guy in the old movie Animal House shouting “all is well!” near the end. Here’s another motive for staying with WIN 10:
At home I currently use a HP L5L28JU desktop with WIN 10, 4 GB 64-bit, 6 years old. Cute thing, compact & a tough little pony engine that doesn’t even use a cooling fan, just breathes ambient air, very reliable; much the best of my 4 computers. Quite adequate for my home use, “won’t support” WIN 11. As I’m retired on a fixed income, a new device is a major decision.
Well aware nothing lasts forever, or even very long in the digital world, I know a new machine must be in the near future. Your article decided me not to buy new now, but wait until either this machine expires from senile dementia, or perhaps I do.
Thanks again for all your great work, –Curry
Microsoft is the KING of the tech industry.
They won’t give up on Windows 10; they know it’s their bread and butter. This is just all doom-and-gloom by the media (aka Fake News) to downplay how great America/American Tech is.
Shame on the staff here and perpetual basement dwellers (aka trolls) that try to demonize everything American/Microsoft.
SHAME!
Microsoft will eventually give up on Windows 10. It will likely offer ESU to banks and enterprises for several more years as the have been doing with older Windows versions.
Fore example, WIn XP-Embedded ESU ended in 2019. Windows 7 commercial ESU ended in 2023, and Windows 10 Enterprise ESU is expected to end in 2028.