Two different things, two different dates, and two different costs.
There’s no shortage of confusion around Windows 10’s end-of-support date. This question has been asked a few times: What’s the deal with paying for ESU until 2026 if Windows Security will continue to be updated through 2028?
It’s an apples-and-oranges kind of comparison. Even though they have similar names, they’re two different things.
Let me explain.
Security to 2026 or 2028?
Windows Defender will keep updating its malware database until 2028, but that’s not the same as fixing flaws in Windows itself. Extended Security Updates (ESU) cover those fixes, pushing updates to Windows until 2026. Defender protects against new malware; ESU fixes Windows bugs.
Windows Defender updates through 2028
In Microsoft’s How to prepare for Windows 10 end of support by moving to Windows 11 today article, they include the following statement:
Microsoft will also continue to provide Security Intelligence Updates for Microsoft Defender Antivirus through at least October 2028.
This means that one program — the anti-virus tool in Windows Security called Windows Defender — will continue to receive updates to its database of known malware through 2028. This will allow it to detect new malware that’s released between now and then.
Related
Should You Sign Up for Extended Security Updates (ESU) for Windows 10?
I'll review the security protection for Windows 10 beyond its official end-of-support date: what it means, pros and cons, and what we know about how to get it -- perhaps even for free.#175852
This only affects Windows Defender, and only its database of malware1 (AKA Security Intelligence Updates).
The reference to 2028 refers only to Windows Defender.
Help keep it going by becoming a Patron.
Extended Security Updates through 2026
If a bug is discovered that creates a severe security vulnerability, Windows Update will receive a patch to fix the software and presumably remove the security vulnerability.
This is what Windows Update normally does. This is what is scheduled to end a few days after this article’s posting in October 2025.
The ESU program simply extends that date by one year to October 2026.
It’s free if you meet certain conditions, or $30 for one year. If it’s available to you, you should find the offer in Windows 10’s Settings -> Windows Update.
Do this
If you continue to use Windows 10, then:
- Windows Defender will continue to get database updates through 2028. You don’t need to do anything.
- You can choose to sign up for the ESU program so your copy of Windows will receive security-related fixes until October 2026.
Subscribe to Confident Computing! More information about Windows 10 as it nears its end of life, as well as less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Footnotes & References
1: I refer to it as a database, though I suspect it’s more complex than that.
A lot of the confusion comes from Microsoft’s inability to come up with decent names. They recycle names, for example, the 4 different meanings of Outlook: outlook.com, Outlook Classic (MS Office component), Outlook New [a substandard email program included with WIndows], and the now defunct, Outlook Express.