2 min read

Windows 10 still runs on 16.9% of PCs

Lansweeper says one in six monitored Windows devices still use Windows 10, even as support deadlines near and security exposure grows.

Image: The Register

Windows 10 is proving stubbornly hard to retire. According to asset tracking firm Lansweeper, the OS still runs on 16.9 percent of the Windows devices it monitors — roughly one in six — even as migration to Windows 11 has slowed sharply.

A year ago, Windows 10 made up about half of the machines in Lansweeper’s dataset. That dropped into the low-to-mid 40 percent range by the time Microsoft ended standard support, then fell further to 18.6 percent in June. Lansweeper says the decline has now nearly stalled.

That leaves organizations facing a shrinking safety net. Systems enrolled in Microsoft’s Extended Security Updates (ESU) program can still get security fixes, but only for a limited time. Consumer devices can receive updates until October 12, 2027, while commercial customers that pay for ESU can extend coverage until October 10, 2028.

Small and medium-sized businesses appear especially exposed. Lansweeper estimates that 21.4 percent of SMB machines still run Windows 10. The figures are higher in some sectors, including healthcare and pharmaceuticals at 23 percent and consumer and retail at 22.7 percent.

Recommended reading

AWS CloudFront outage knocks Hugging Face offline

The security gap is already wide. Lansweeper says a Windows 10 device carries an average of 1,903 active CVEs, compared with 652 on Windows 11 — a 2.9x difference. Esben Dochy, principal technical evangelist at Lansweeper, told The Register that the Windows 10 figure includes devices with ESU patches applied.

Lansweeper also pointed to patch diffing as a growing risk: fixes shipped for Windows 11 can be reverse-engineered to uncover weaknesses in Windows 10. As the company put it, the supported OS can effectively give attackers a map to the unsupported one.

Only 14 percent of Windows 10 assets in Lansweeper’s data have ESU patches applied. Dochy said many of the remaining machines are not simply unpatched through neglect, but are stuck because of vendor dependencies, certification gaps, cost, or accepted risk. He cited medical devices, industrial systems, and retail hardware that are tied to vendor certification or locked to specific OS versions for compliance and warranty reasons.

In some cases, customers cannot solve the problem by buying ESU alone because the vendor controls OS changes and certification timelines. Other devices sit in air-gapped or isolated environments, where organizations are knowingly accepting the risk for now.

With Windows 11 adoption flattening and new PC hardware costs continuing to rise, the remaining Windows 10 base looks less like a cleanup task and more like a long tail of systems that “can’t or won’t” move — and the closer those patch deadlines get, the more expensive that choice becomes.

Marcus Vance

Enterprise Editor

Marcus follows the money. He covers enterprise software, cloud architecture, and the tectonic shifts in Big Tech strategy. He translates dense earnings calls and complex M&A activity into actionable insights about where the industry is actually heading. If a tech giant makes a silent pivot, Marcus is usually the first to notice.

via The Register

// Keep reading