The UK’s National Cyber Security Centre (NCSC) has urged Microsoft customers to prioritize upgrading all their devices from Windows 10 to Windows 11 over the next three months, or risk being exposed to damaging attacks.
The agency warned that after Windows 10 reaches its end-of-life date of October 14, 2025, it will no longer be supported with security updates. This will mean users’ operating systems will be exposed to unpatched vulnerabilities.
“It goes without saying that the security risks of not upgrading are significant. In addition to the difficulties associated with being out of support, an out-of-date operating system is a prime target for cybercriminals,” the NCSC wrote in a blog post dated July 14.
The agency highlighted past cases where cybercriminals exploited unpatched versions of the legacy Windows XP system. This includes the WannaCry ransomware attack in 2017, which severely impacted NHS services in the UK.
Despite this risk, Windows 10 still has a sizeable number of users, with many organizations reluctant to upgrade to Windows 11, according to the NCSC.
NCSC Chief Technical Officer, Ollie Whitehouse, warned: “While Windows 10 was released more than a decade ago, it is still used widely by enterprises and not upgrading is akin to incurring a debt at a high interest rate – with the threat of forced repayment at a future date.”
Whitehouse added: “The NCSC implores any organization that has not already migrated to a more modern system to do so to help address security vulnerabilities in your devices and ensure overall cyber resilience. This is essential as demonstrated by the requirement to maintain supported software in Cyber Essentials.”
Windows 11 Offering Enhanced Security
The NCSC noted that Windows 11 offers significant new security features by default.
Some of these, such as Bitlocker, Virtualization-Based Security (VBS) and Secure Launch, were available in Windows 10, but required manual activation or configuration.
Windows 11 has also introduced additional security-enhancing features including Native passkey management, improvements to Windows Hello and changes to the default behavior of features like Credential Guard.
Additionally, the NCSC noted that current Windows 10 users will need certain hardware requirements to upgrade.
These include Trusted Platform Module (TPM) 2.0, Unified Extensible Firmware Interface (UEFI) and support for Secure Boot.
“If your devices lack even one of these features, you’ll be unable to upgrade easily. If your organization is using unsupported devices, the upgrade to Windows 11 provides excellent justification for purchase of new hardware,” the NCSC said.
Image credit: Mundissima / Shutterstock.com
