End of Windows 10 Support Looming? Don't Worry, 0patch Will Keep You Secure For Years To Come!
October 2025 will be a bad month for many Windows users. That's when Windows 10 will receive their last free security update from Microsoft, and the only "free" way to keep Windows using securely will be to upgrade to Windows 11.
Now, many of us don't want to, or simply can't, upgrade to Windows 11.
We don't want to because we got used to Windows 10 user interface and we have no desire to search where some button has been moved to and why the app that we were using every day is no longer there, while the system we have is already doing everything we need.
We don't want to because of increasing enshittification including bloatware, Start Menu ads, and serious privacy issues. We don't want to have an automated integrated screenshot- and key-logging feature constantly recording our activity on the computer.
We may have applications that don't work on Windows 11.
We may have medical devices, manufacturing devices, POS terminals, special-purpose devices, ATMs that run on Windows 10 and can't be easily upgraded.
And finally, our hardware may not even qualify for an upgrade to Windows 11: Canalys estimates that 240 million computers worldwide are incompatible with Windows 11 hardware requirements, lacking Trusted Platform Module (TPM) 2.0, supported CPU, 4GB RAM, UEFI firmware with Secure Boot capability, or supported GPU.
What's going to happen in October 2025?
Nothing spectacular, really. Windows 10 computers will receive their last free updates and will, without some additional activity, start a slow decline into an increasingly vulnerable state as new vulnerabilities are discovered, published and exploited that remain indefinitely present on these computers. The risk of compromise will slowly grow in time, and the amount of luck required to remain unharmed will grow accordingly.
The same thing happened to Windows 7 in January 2020; today, a Windows 7 machine last updated in 2020 with no additional security patches would be really easy to compromise, as over 70 publicly known critical vulnerabilities affecting Windows 7 have been discovered since.
Leaving a Windows 10 computer unpatched after October 2025 will likely open it up to the first critical vulnerability within the first month, and to more and more in the following months. If you plan to do this, at least make sure to make the computer hard to access physically and via network.
For everyone else, there are two options to keep Windows 10 running securely.
Option 1: Extended Security Updates
[Updated on 10/31/2024 with ESU consumer pricing]
If you qualify, Microsoft will happily sell you Extended Security Updates (ESU) , which means another year, two or even three of security fixes for Windows 10 - just like they have done before with Windows 7, Server 2008 and Server 2012.
Extended Security Updates will be available to consumers for one year only (until October 2026) for the price of $30. Educational organizations will have it cheap - just $7 for three years -, while commercial organizations are looking at spending some serious money: $61 for the first year, $122 for the second year and $244 for the third year of security updates, totaling in $427 for every Windows 10 computer in three years.
Opting for Extended Security Updates will keep you on the familiar monthly "update + reboot" cycle and it will only cost you $4 million if you have 10k computers in your network.
If only there was a way to get more for less...
Option 2: 0patch
With October 2025, 0patch will "security-adopt" Windows 10 v22H2, and provide critical security patches for it for at least 5 more years - even longer if there's demand on the market.
We're the only provider of unofficial security patches for Windows ("virtual patches" are not really patches), and we have done this many times before: after security-adopting Windows 7 and Windows Server 2008 in January 2020, we took care of 6 versions of Windows 10 as their official support ended, security-adopted Windows 11 v21H2 to keep users who got stuck there secure, took care of Windows Server 2012 in October 2023 and adopted two popular Office versions - 2010 and 2013 - when they got abandoned by Microsoft. We're still providing security patches for all of these.
With 0patch, you will be receiving security "micropatches" for critical, likely-to-be-exploited vulnerabilities that get discovered after October 14, 2025. These patches will be really small, typically just a couple of CPU instructions (hence the name), and will get applied to running processes in memory without modifying a single byte of original Microsoft's binary files. (See how 0patch works.)
There will be no rebooting the computer after a patch is downloaded, because applying the patch in memory can be done by briefly stopping the application, patching it, and then letting it continue. Users won't even notice that their computer was patched while they were writing a document, just like servers with 0patch get patched without any downtime at all.
Just as easily and quickly, our micropatches can be un-applied if they're suspected of causing problems. Again, no rebooting or application re-launching.
0patch also brings "0day", "Wontfix" and non-Microsoft security patches
But with 0patch, you won't only get patches for known vulnerabilities that are getting patched on still-supported Windows versions. You will also get:
- "0day" patches - patches for vulnerabilities that have become known, and are possibly already exploited, but for which no official vendor patches are available yet. We've fixed many such 0days in the past, for example "Follina" (13 days before Microsoft), "DogWalk" (63 days before Microsoft), Microsoft Access Forced Authentication (66 days before Microsoft) and "EventLogCrasher" (100+ days before Microsoft). On average, our 0day patches become available 49 days before official vendor patches for the same vulnerability do.
- "Wontfix" patches - patches for vulnerabilities that the vendor has decided not to fix for some reason. The majority of these patches currently fall into the "NTLM coerced authentication" category: NTLM protocol is more prone to abuse than Kerberos and Microsoft has decided that any security issues related to NTLM should be fixed by organizations abandoning their use of NTLM. Microsoft therefore doesn't patch these types of vulnerabilities, but many Windows networks can't just give up on NTLM for various reasons, and our "Wontfix" patches are there to prevent known attacks in this category. At this time, our "Wontfix" patches are available for the following known NTLM coerced authentication vulnerabilities: DFSCoerce, PrinterBug/SpoolSample and PetitPotam.
- Non-Microsoft patches - while most of our patches are for Microsoft's code, occasionally a vulnerability in a non-Microsoft product also needs to be patched when some vulnerable version is widely used, or the vendor doesn't produce a patch in a timely manner. Patched products include Java runtime, Adobe Reader, Foxit Reader, 7-Zip, WinRAR, Zoom for Windows, Dropbox app, and NitroPDF.
While you're probably reading this article because you're interested in keeping Windows 10 secure, you should know that the above patches are also available for supported Windows versions such as Windows 11 and Windows Server 2022, and we keep updating them as needed. Currently, about 40% of our customers are using 0patch on supported Windows versions as an additional layer of defense or for preventing known NTLM attacks that Microsoft doesn't have patches for.
How about the cost? Our Windows 10 patches will be included in two paid plans:
- 0patch PRO: suitable for small businesses and individuals, management on the computer only, single administrator account - currently priced at 24.95 EUR + tax per computer for a yearly subscription.
- 0patch Enterprise: suitable for medium and large organizations, includes central management, multiple users and roles, computer groups and group-based patching policies, single sign-on etc. - currently priced at 34.95 EUR + tax per computer for a yearly subscription.
The prices may get adjusted in the future but if/when that happens anyone having an active subscription on current prices will be able to keep these prices on existing subscriptions for two more years. (Another reason to subscribe sooner rather than later.)
How to Prepare for October 2025
Organizations
Organizations need time to asses, test, purchase and deploy a new technology so it's best to get started as soon as possible. We recommend the following approach:
- Read our Help Center articles to familiarize yourself with 0patch.
- Create a free 0patch account.
- Install 0patch Agent on some testing computers, ideally with other typical software you're using, especially security software.
- Familiarize yourself with 0patch Central.
- See how 0patch works with your apps, report any issues to support@0patch.com.
- Deploy 0patch Agent on all Windows 10 machines.
- Purchase licenses.
- In October 2025, apply the last Windows Updates.
- Let 0patch take over Windows 10 patching.
Home Users and Small Businesses
Home users and small businesses who want to keep using Windows 10 but don't need enterprise features like central management, patching policies and users with different roles, should do the following:
- Read our Help Center articles to familiarize yourself with 0patch.
- Create a free 0patch account.
- Install 0patch Agent on your computer(s).
- See how 0patch works with your apps, report any issues to support@0patch.com.
- Purchase licenses.
- In October 2025, apply the last Windows Updates.
- Let 0patch take over Windows 10 patching.
Distributors, Resellers, Managed Service Providers
We have a large and growing network of partners providing 0patch to their customers. To join, send an email to sales@0patch.com and tell us whether you're a distributor, reseller or MSP, and we'll have you set up in no time.
We recommend you find out which of your customers may be affected by Windows 10 end-of-support, and let them know about 0patch so they have time to assess it.
More information:
- We're a reseller. How can we resell 0patch to our customers?
- We're a Managed Service Provider. How can we offer 0patch to our customers?
- We'd like to become a 0patch distributor. How do we get started?
Providers of special-purpose Windows PCs and software or hardware incompatible with Windows 11
With every major operating system upgrade, a lot of software and hardware gets left behind, either for lack of drivers, functionalities that don't work or work differently on the new OS version, costs of migration, or any other reason. If you are a hardware or software vendor, or a vendor providing special-purpose Windows PCs, and your product works with Windows 10 but not with Windows 11, reach out to sales@0patch.com - we may be able to help you and your customers.
Suppliers of Refurbished Windows 10 Computers
A lot of used PCs get refurbished and find a new owner for a more affordable price compared to a new PC. Both suppliers and buyers of such refurbished PCs can count on 0patch to provide critical security patches for Windows 10 v22H2 for at least 5 years after October 2025.
Suppliers of refurbished Windows 10 PCs should make sure to install Windows 10 v22H2 and set up automatic Windows Updates such that updates will be installed as long as they are available. They should also let the buyers know about 0patch and provide them with the following instructions:
- Create a free 0patch account at https://central.0patch.com.
- Install 0patch Agent on your computer(s) and keep using 0patch FREE.
- See how 0patch works with your apps, report any issues to support@0patch.com.
- In October 2025, apply the last Windows Updates.
- Purchase a 0patch license.
- Let 0patch take over Windows 10 patching.
Frequently Asked Questions
Q: How long do you plan to provide security patches for Windows 10 after October 2025?
A: We initially plan to provide security patches for 5 years, but will extend that period if there is sufficient demand. (We're now in year 5 of Windows 7 support and will extend it further.)
Q: How much will it cost to use 0patch on Windows 10?
A: Our current yearly price for 0patch PRO is 24.95 EUR + tax per computer, and for 0patch Enterprise 34.95 EUR + tax per computer. Active subscriptions will keep these prices for two more years in case of pricing changes.
Q: What is the difference between 0patch PRO and 0patch Enterprise?
A: While both plans include all security patches, 0patch Enterprise also includes central management via 0patch Central, multiple users and roles, computer groups and group-based patching policies, single sign-on and various other enterprise functions.
Q: What is 0patch FREE?
A: 0patch FREE is a free 0patch plan that only includes "0day patches", i.e., patches for vulnerabilities that don't have an official vendor fix available (yet). 0patch FREE does not include security patches needed for keeping Windows 10 secure after October 2025. Please see this article for more information on restrictions regarding 0patch FREE.
Q: Will Windows Defender keep working and receiving updates on Windows 10 after October 2025?
A: We're confident it will: Windows Defender is still working and receiving all updates on Windows 10 versions that have long gone out of support, such as v1809 or v2004. We expect Defender will remain fully operational on Windows 10 v22H2 at least as long as this Windows 10 version keeps receiving Extended Security Updates (October 2028), but likely longer as some Windows 10 versions like v1809 (E) (LTS) or v21H2 IoT (LTS) remain supported until 2029 and 2032, respectively.
Q: Does 0patch also provide general technical support for Windows 10?
A: No. We only provide security patches and support related to using this service.Q: Where can I learn more about 0patch?
A: Our Help Center has many answers for you.
How does 0Patch accommodate the aging of browsers that will eventually stop working in the Windows 10 environment? Thank you
ReplyDeleteMajor browsers will likely support Windows 10 as long as Extended Security Updates are provided by Microsoft - at least this was the case with Windows 7. After that, we will security-adopt the then-current Edge version on Windows 10 as we did with Edge on Windows 7. If all browser vendors abandon Windows 10 at some point, Edge with our patches will be the only reasonably secure browser there.
DeleteMicrosoft made my Computer change to Windows 11, without my permission some month ago. Since this moment I don't like to use it any more and I started to do everything with my Smartphone. With your Patches, could I go back to Windows 10? Is it very difficult? I have also installed Office 365. Thank you for answering!
ReplyDeleteSorry, 0patch can't help you get back to Windows 10, but if you do get back to Windows 10 and keep it updated till October 2025, 0patch can help you keep your Windows 10 secure for years to come.
DeleteWhat about the free version of 0patch? Will it suffice for an individual with one PC?
ReplyDelete0patch FREE only includes "0day patches", i.e. patches for vulnerabilities that don't have an official vendor fix available. 0patch PRO and Enterprise provide you with all patches, including those you'll need for keeping Windows 10 secure.
DeleteThis is fantastic news! I've been a 0patch PRO subscriber for my Win 7 pc from day one and it's been great to have this option. In addition to my Win 7 pc I also have two laptops and three desktops running Windows 10, I will be purchasing 0patch Pro for them too.
ReplyDeleteWill your support also work for those in the US? If you have win 10 pro on your end would you consider it home user or would that fall under enterprise?
ReplyDelete1) Yes, 0patch can be used anywhere in the World, except in the sanctioned countries.
Delete2) It is considered a home/non-commercial computer if you're not using it at work or for work, even if it is "Windows Pro"
Which countries are the sanctioned countries? Is US a sanctioned country? Thanks, I live in US and have a W10 home PC.
DeleteCurrently, sanctioned countries include North Korea, Belarus and Russia.
DeleteSounds very good to me! One question, though: I only use Windows for gaming and do everything else on Linux. Is it possible your virtual patching will trigger anti-cheating mechanisms of competitive online games?
ReplyDeleteYes, since our agent injects into various processes, it tends to trigger anti-cheating mechanisms in various game processes. This can be resolved by setting exclusions for such processes. Please see this article: https://0patch.zendesk.com/hc/en-us/articles/4403637394706
DeleteI have a MacBook Pro laptop with Windows 10 Pro installed. Is there any issues with the Mac OS "Bootcamp" using your patch updates?
ReplyDeleteHi there, we've had users report problems with 0patch on Windows 7 running on Bootcamp, but they resolved them by upgrading to Windows 10 (on Bootcamp). In any case, we're no testing 0patch on Mac so it would be wise to try with 0patch FREE first and see how it works.
Deletei have my own homelab and routinely use VMs or re-image devices to keep my skills current and to test configurations
ReplyDeletei am not a Enterprise / Business user. i guess my questions are as follows:
1) will updates persist upon removal of the client?
2) in terms temporary VM spinups.
-- is there a downloadable repository of the updates for devices with no internet access.
1) No, if you uninstall 0patch Agent, all our patches are gone as well because they are getting applied in memory each time a process loads an executable module that we have one or more patches for. Uninstalling 0patch Agent removes this so processes are no longer being patched.
Delete2) We have no downloadable repository of our patches. You can install and register 0patch Agent in a newly launched VM and register it to your 0patch account, just make sure that you have enough licenses in your account for the number of registered agents. You may have to delete computers (temporary VMs) in 0patch Central to avoid exceeding your license count.
I have two Windows 10 Computers that cannot upgrade to W 11, and I am not in a position to purchase new computers.
ReplyDeleteIf I decide to get 'Opatch', I have two questions:
a. From when would I need to obtain a Licence for getting the 'patches', and, b. Will I need a separate Licence for each computer.
Thank you in advance.
a) Please follow the recommended steps from the above article (section "Home Users and Small Businesses"). To keep Windows 10 protected with 0patch you don't need to purchase a license before October 2025.
Deleteb) Yes, each computer with registered 0patch Agent requires one license, so you'll need two licenses.
I would like to purchase OPatch to support a desktop using Windows 10 that cannot run on Windows 11. I do not need it until November 2025. If I buy OPatch now, I will pay a subscription fee for no reason until November 2025. What do you suggest? Thank you
ReplyDeleteIf you buy PRO now, you will be getting our occasional "0day" patches until October 2025, and then both "0day" patches and Windows 10 patches from October 2025 onward. Obviously the latter has significantly more value than the former so if you're not too concerned about 0days, better wait until Windows 10 end of support.
DeleteI have installed PRO on my Windows 7 machines. Should I do the same for my Windows 10 machines now or wait until October 2025?
ReplyDeleteIf you want to use 0patch for protection against "0day" vulnerabilities on Windows 10, you can start using PRO there right away, otherwise wait until October 2025.
Delete