🟠 High | Source: The Register — Security
Approximately one in six Windows machines globally still runs Windows 10, despite Microsoft’s end-of-support deadline of October 2025 drawing ever closer. Once support ends, these machines will stop receiving security patches, leaving a vast attack surface exposed to unmitigated vulnerabilities. For organisations with unmanaged or legacy endpoints connecting to cloud environments, this represents a growing and tangible risk.
Security Architect’s Take: Audit your estate now for Windows 10 endpoints with access to cloud resources — particularly those using federated identity, VPN, or direct cloud API access — and prioritise either forced migration to Windows 11 or isolation via network segmentation and conditional access policies that block non-compliant devices from reaching sensitive cloud workloads.
Original advisory: Windows 10 refuses to die, and the security bill is coming due