Today is October 15, 2024, and we are (almost) exactly one year away from the official end of support for Windows 10 on October 14, 2025. With this deadline approaching, it’s important for organizations to plan their next steps. Before we look ahead, I’d like to share some personal reflections on Windows 10 since it first launched.
Going back in time
.. to 2015 actually.
Before Windows 10, I was deploying Windows 7 across our company using SCCM and Microsoft Deployment Toolkit. While these tools were powerful, managing Windows 7 deployments had its challenges. One of the most time-consuming tasks was integrating the Service Pack and what came to be around 250 individual patches into every deployment image. This process was not only tedious but also prone to errors, making maintenance a significant burden. There never was a Service Pack 2 either.
When Windows 10 was released in 2015, it felt like a breath of fresh air. One of the most welcome changes was the introduction of Cumulative Updates (CUs). Unlike Windows 7, where we had to handle numerous separate patches, Windows 10’s cumulative update model simplified patch management significantly. Instead of dealing with tens – or even hundreds – of individual updates, we could now apply a single package that included all previous fixes.
This improvement made deploying and maintaining Windows 10 images much more efficient. Using SCCM and MDT became even more effective in this new environment. We could build customized, up-to-date deployment images with ease and roll them out across the organization without the headache of tracking and applying numerous patches.
Additionally, packaging modern apps and delivering them seamlessly across the organization felt kind of revolutionary. It improved how we worked and set new standards for end-user computing solutions. Still today we use the Click-to-Run installer..
It wasn’t always easy though – the modern UWP apps were a bit “different”. While we’re more used to it now, they install in user context and consequentially don’t work well for multiple users, as they have to be installed separately for each user.
Firmware frontiers
Another big change during this time was the transition from Legacy BIOS to the Unified Extensible Firmware Interface (UEFI). Windows 7 didn’t have the best support for UEFI and notably did not support Class 3 UEFI systems. This limitation was primarily due to Windows 7’s using the legacy BIOS INT 10 video mode, which isn’t available in Class 3 systems.
That’s ok of course, but because of this, Windows 7 couldn’t fully utilize advanced UEFI features like Secure Boot and faster startup times. It required systems to run in legacy BIOS-compatibility mode to function properly, which became a significant limitation as hardware technology advanced.
With the arrival of Windows 10, using UEFI became much more accessible and practical. Windows 10 fully supported UEFI, including Class 3 systems, allowing us to take full advantage of its benefits:
- Faster Boot Times: UEFI can initialize hardware more efficiently, leading to quicker startup times.
- Enhanced Security: Features like Secure Boot help protect the system from malware during the boot process by ensuring only trusted software is loaded.
- Support for Larger Drives: UEFI allows for booting from disks larger than 2 TB, which was a limitation with BIOS.
- Modern Hardware Compatibility: Better integration with new hardware technologies and architectures.
Implementing UEFI with Windows 10 made deployments more efficient and secure. Using SCCM and MDT, we could standardize UEFI configurations across devices, simplifying the deployment process. This shift not only improved performance but also enhanced the overall security of our systems. This shift not only improved performance but also enhanced the overall security of our systems.
That’s not to say Secure Boot hasn’t had its issues though.. While meant to enhance security, it’s also been criticized for limiting user control and flexibility. Issues have come from expiring or revoked certificates, and has particularly affected users who rely on non-Microsoft operating systems like Linux distributions.
All good things come to those who wait
As the saying goes, “All good things come to those who wait.” Looking at today’s hardware, we have seen significant advancements. Since Windows 11 was introduced, many laptops now come with the specifications needed to run it effectively. By holding off on immediate hardware upgrades, many organizations have inadvertently positioned themselves advantageously.
Over time, their hardware inventories have naturally updated through regular purchasing cycles. As a result, many devices now meet or exceed Windows 11’s requirements without needing major hardware investments.
From a performance perspective, I would recommend at least 12th-Generation Intel processors (or AMD equivalents). These newer processors offer better performance and energy efficiency. For memory, 16 GB has become the new standard over 8 GB for many use cases, although this can depend on specific needs.
From a security perspective, there are several enterprise features that leverage Virtualization-based Security (VBS), such as Credential Guard, which significantly strengthen the overall security model. These features require modern hardware with virtualization support, further justifying the benefits of updated hardware.
All in all, this means that moving to Windows 11 can be smoother and more cost-effective. Organizations can focus on planning and training rather than dealing with widespread hardware compatibility issues or large investments.
Windows 11 Hardware Requirements
While we’re on that, just to rehash the actual requirements:
- Processor: 1 GHz or faster with 2 or more cores on a compatible 64-bit processor (8th Gen Intel Core or newer, AMD Ryzen 2000 series or newer).
- RAM: 4 GB or more.
- Storage: 64 GB or larger storage device.
- System Firmware: UEFI, Secure Boot capable.
- TPM: Trusted Platform Module (TPM) version 2.0.
- Graphics Card: DirectX 12 compatible graphics / WDDM 2.x.
- Display: >9-inch display with HD Resolution (720p).
- Internet Connection and Microsoft Account: For Windows 11 Home edition, requires internet connectivity and a Microsoft account to complete device setup on first use.
They’re not too far off the Windows 10 requirements actually, but as I said earlier, I would strongly suggest you run it on something a bit faster.
End of Support – unless?
Windows 10 has been a reliable part of our professional lives. However, with mainstream support ending, there will no longer be free security updates or patches provided. It’s important to note that Microsoft offers Extended Security Updates (ESUs) for purchase through a special licensing option. These ESUs are available for up to three years after the end of support, but the cost increases each year. If you decide to opt-in during the third year, you’ll also need to pay for the first and second years’ updates.
While ESUs provide a temporary solution, relying on them can be costly and is not a sustainable long-term strategy. This isn’t just an IT issue; it’s essential for business continuity and needs immediate attention. Planning for an upgrade or migration now will save resources and reduce risks associated with running unsupported software.
What’s really interesting about this round of ESUs, is that Microsoft has stated that consumers will be able to purchase extended support through the Microsoft Store or a similar channel, meaning they won’t need a Volume Licensing Agreement or Software Assurance. They haven’t been clear on the pricing and when it will be available, other than “in due time before October, 2025”. It’ll be interesting to see how many will take them up on the offer.
Moving on – The Final Thoughts…
Windows 11 is more than just the next version of Windows 10; it’s designed for today’s hybrid work environments. It offers enhanced security features, an improved user experience, and better performance to meet the needs of modern workplaces.
It also works really well with Windows 365, and features like W365 Boot allows for super flexible and even sustainable and “green” workplace solutions.
However you wanna see it, the countdown has begun. With one year left until Windows 10’s mainstream support ends, it’s time to take action – whether you want to or not. Sure, Extended Security Updates offer a temporary safety net, but they are not a long-term solution. And they’re costly. Let’s view this not just as an upgrade, but as something more – giving your business a flexible, secure, and innovative digital workplace.
Stay tuned for more insights on navigating the digital landscape. For more information on planning your migration strategy, visit Alt Tab to Work or connect with me on LinkedIn. Together, we can make this transition a transformative journey.
