Windows 10 officially hit EOL 6 months ago - still supporting clients who never upgraded. Anyone else?
Posted by cmitsolutions123@reddit | sysadmin | View on Reddit | 337 comments
We warned them for years. October came and went. And somehow I'm still sitting here managing Windows 10 machines for clients who just... never moved.
At this point what's your stance - do you keep supporting them with extra fees, give them a hard cutoff, or just let them deal with the consequences? Genuinely curious how others are handling the post-EOL reality because it's messier than I expected.
Tex-Rob@reddit
This is so weird as someone who lived through several other OS that people didn't want to get rid of. Getting people off NT 4.0, XP, and 7 were hell, and the people had no good case for still being on them. Windows 11 is still a steaming pile, so it's weird for me to hear judgement of the end users.
48 year old, been building PCs since the 386 days, Windows since 3.0, and I'm still on Windows 10 on my main machine. My laptop is in the final stages of being moved fully to Fedora, I just have to work one last kink out with a piece of software that I use to manage a laser cutter, and then no more Windows 11 in my house.
I'd be more pissed at Microslop, in the past they extended EOL support, and also offered support for big clients who were willing to pay. They forced Windows 11 on people faster than any other OS they have in decades, so yeah, people are still gonna be on Windows 10.
cmitsolutions123@reddit (OP)
Honestly that's a fair perspective and you're not wrong about Windows 11 - a lot of our pushback from clients isn't laziness, it's genuine frustration with the upgrade experience. The compatibility issues alone have caused us more headaches than the actual EOL transition.
The Microsoft blame is real too. They created this situation by making 11 feel like a forced downgrade for a lot of users. We're just stuck in the middle trying to manage the fallout.
Dabnician@reddit
except when windows 12 comes out everyone will praise how windows 11 is better and probably stfu.
cmitsolutions123@reddit (OP)
And we all know it's true lol. Same thing happened with 7 to 10. Everyone was convinced 10 was garbage and now people are fighting to keep it. Windows 12 drops and suddenly 11 will be "actually pretty solid once you got used to it."
The cycle never ends, we're just along for the ride.
Confident-Pepper-562@reddit
people just hate change.
noodlesdefyyou@reddit
win11 is far from 'fine'. unless you like shit like this for no good reason
Confident-Pepper-562@reddit
you mean where they identify a security hole and patch it?
Thats true of every OS iteration...
PowerShellGenius@reddit
A hole created by turning a tool that exists to be simple into needlessly complex slop. They got rid of WordPad so they could gradually turn notepad into a Whittier version of wordpad??
Confident-Pepper-562@reddit
If you think notepad is complex, you are using it wrong.
PowerShellGenius@reddit
I don't mean complex as in "I have trouble using it". I mean "its purpose is a plain text editor, why add things that don't fit in a .txt file?"
How would this markdown CVE exist if it wasn't processing markdown?
Why should I need a .txt editor to sign into my account?
Confident-Pepper-562@reddit
Because some people could benefit from the added features. While it may not benefit you, your ability to use it the way you want to is not impeded.
noodlesdefyyou@reddit
a security hole that need not exist in the first place? its fucking notepad, why is it 'executing' anything except putting the letters from my keyboard on to the screen
Confident-Pepper-562@reddit
your own link explains why. You definitely sound like one of those people who hate change. Thats too bad, change happens whether you like it or not. At least they realized there was a problem and fixed it.
Do you actually know anyone who was impacted by this problem?
Moleculor@reddit
What I hate is change for no good reason.
There was no good reason to take away a raw text editor and replace it with... that.
Confident-Pepper-562@reddit
The reason was to remove wordpad, and improve the overall functionality of notepad.
Just in doing so, they opened up a security flaw, that they then went back and closed.
Devs are smart, but they are human (mostly). Fun fact, the very first android phone (HTC Dream) had root level console access directly tied to the keyboard. So even at a lock screen, you could enter whatever console commands you want, and the device would execute them with root access. How did they miss that? Smart idiots.
Moleculor@reddit
Another seriously stupid idea.
And, again, a stupid idea.
It's supposed to be a raw text editor. It's lack of fancy bells and whistles is the feature.
Confident-Pepper-562@reddit
If you are such an expert on what changes are worth making, then maybe you should apply to work for microsoft and tell them how to do everything better.
narcissisadmin@reddit
Wrong. People hate change for the sake of change. And it's 2026...there's no fucking excuse for scaling back customization options.
trullaDE@reddit
It pretty much added an extra click - or even a hover - everytime I want to use something. I don't mind that (much) on my private system, but during work it just pisses me off. Yes, I will get used to it, but I don't see how I will ever not hate it.
Confident-Pepper-562@reddit
Once you get used to it, then switch to windows 12 and however that works, you will miss it.
trullaDE@reddit
If they make it worse again, sure.
But that's the point, for my work flow, it IS not just a little different, it sucks dick. I can't change that, so I have to get used to it, but it's like getting used to haemorrhoids: doable, but still a pain in the ass. And what you are saying is I should be happy about my haemorrhoids, because it could be colon cancer.
OSzezOP3@reddit
Agreed, been using 11 since launch, never had any major issues with it.
Tex-Rob@reddit
This isn't really related to this sub, but I've noticed that younger generations never experienced a better life, so they seem happy eating the sh** sandwiches that are fed to us today in 2026. I'm sorry, but I've been doing this about 40 years, since I was a kid, and you're just wrong.
Confident-Pepper-562@reddit
You are wrong for thinking you have been doing this longer than I have. Windows has included qol updates in every version, and every version has had security holes that need to be patched. Thats how development works. Even linux has zero day exploits. If not, then updates would never been needed.
Dabnician@reddit
honestly people just hate the UI changing, i hate when i log into a web based tool and everything is renamed because the UI team needed to act busy.
Confident-Pepper-562@reddit
Ive been explaining this to people for years. They hate having to learn something new every few years, but what I like to tell them is that by doing it this way you are only learning relatively small changes. If instead you went from windows 3.1 to windows 11, it would be a huge knowledge gap to adjust to. So embrace the small changes as they come, its much easier than basically learning a new language overnight.
garbageadmin@reddit
Nice that you conveniently skipped 8 from that comparison...
Tex-Rob@reddit
I have to wonder how long some of y'all have been doing this? It feels like you didn't live through Microsoft consistently screwing up every other OS, for decades. It's kind of comical. I am kind of rusty, but let me see if I can remember the sequence.
I lost track of pre Server 2003 for the server side:
Server: NT 4.0 great, NT 2000 sucked, 2003 great, 2008 terrible, 2008 R2 great, 2012 terrible, 2012 R2 great, 2016 was actually OK and the server line generally bucked the trend some going forward. A lot of people never even experienced 2012 non R2, it had massive network stack problems. IIRC 2012 R2 was more original code than any other R2 in the past, because the base OS was so screwed up.
Home: 95 marks the start of the full OS era (not running on DOS), 95 was good, 98 was bad, 98 SE was great, ME was terrible, XP was great, Vista was terrible, Win7 was great, Win8 terrible, 8.1 technically was better but nobody used it, Windows 10 great, and here we are...what comes next?
GremlinNZ@reddit
Missed out Win2K for desktop and Server 2025 is only good if you don't ask much from it
-awinisawin-@reddit
yeah, like they did with 8.1 when 10 came out...
Hashrunr@reddit
What type of compatibility issues have you encountered? I started when Win2000 to XP was ongoing in enterprise. Been through XP to 7 to 10. Win10 to Win11 has been the easiest by far. I published the upgrade in Company Portal 2.5yrs ago and we started pushing it 1yr ago to the few people who hadn't upgraded yet.
anfotero@reddit
When I was hired as a Windows sysadmin I installed Windows on my home machine too, to have a coherent environment. I returned to Linux as soon as 10 went EOL, 11 in its current state is torture.
ledow@reddit
Microsoft still technically offer EOL support for Windows 10, and you can pay for it, and in the EU you're entitled to 2 years of it still.
It's the same.
The difference is, we're in a world of cybersecurity requirements now and no business should be able to justify their use of something they have a "free" upgrade from in that environment (to their auditors, to their CEO, to their insurers, etc.).
(P.S. Went fully-Linux over Christmas - have been using Linux since the early 90's, and spent 10 years with Linux as a primary desktop many years ago. But I have to be PAID to manage Windows, so at home everything is Linux again. Literally everything.)
zatset@reddit
Windows11 comes with constant bugs that severely impede the normal work process. If I was to force Windows11 on some machines the situation would have been so bad that nobody will receive their paycheck.
ledow@reddit
Gosh, as someone supporting/recommending/basing their business on Windows, I'd cry to Microsoft about that if I were you.
Equally, if you recommend people stay on 10 and they're hacked because of it, guess where their lawyers are going to come looking?
narcissisadmin@reddit
None of your bullshit snark changes the fact that W11 is, and always has been, a fucking buggy mess.
ledow@reddit
Then... complain to Microsoft, not me.
You think MS backed down on AI out of the goodness of its heart? No, people in business told it that it was shit and dangerous and they backed away from it.
If you choose to base a life / career on the whims of Microsoft, the only person to complain about that to is Microsoft.
(Yes, I manage Microsoft networks... by the simple of precept of "You have to PAY me to touch that stuff, and if MS say we need to move on... we're moving on." Which is what we did at my workplace. People moaned and bitched and I just shrugged and said "Hey, you wanted to use Microsoft, right?")
zatset@reddit
We moved to Windows10 IoT LTSC. It comes with support up to 2032 - security fixes. They broke the smart card API. It is required to send information in order for our organization to be paid at all. We work with institutions. They claim their systems work. But in reality they don't work with Windows11. It is more than a year that Microsoft deprecated the old smart card API those systems rely on. And no release of the software we are legally bound to use in order to be paid at all that is actually compatible with Windows11.
Ozwulf67@reddit
I work for a Healthcare System (6 Hospitals and 160 Clinics). We had to keep Win10 LTSR and extended updates for a while (Thousands of apps, Hundreds of vendors did not support Win11). What are you going to do? Let patients die? lol...we got through most of it now and are in the process of mass upgrades and replacements to Win11 devices (30K+)
zatset@reddit
The budget is an issue too. Imagine having to replace 500 computers because they were perfectly capable of running anything from 7 to 10, but not 11. BTW, MSP?
Ozwulf67@reddit
We are all in house IT. (600 strong)
narcissisadmin@reddit
Ah, so it sounds like Microsoft knew with certainty that the EU would sue the fucking shit out of them so they just give them the 2 years of updates for free. Got it.
whitoreo@reddit
Funny thing: If you open a command prompt in windows 11 and type ver [enter] it spits out 10.xxxx Windows 11 is just Windows 10 in a clown suit.
cats_are_the_devil@reddit
Yup, win11 is literally just repackaging for windows 10. Hell, 25H2 out of box looks almost identical to win10.
RabidTaquito@reddit
You must be blind if you think they're at all similar, let alone identical lmao
narcissisadmin@reddit
Bruh..W11 is essentially explorer.exe with a facelift.
AdmRL_@reddit
That's not notable lol?
That's just the kernel architecture version. Both 10 & 11 are built on top of NT 10, the same way Vista, 7 and 8 were all built on NT 6.
They only bump internal major version numbers when there's a significant enough architectural difference with the kernel that compatibility can't be guaranteed from one version to the next so there doesn't need to be mass updates to consumer products having to account for a new version of windows being compatible with their product, they just check the major version number and Microsoft aligns them based on feature compatibility.
narcissisadmin@reddit
Right, so tell me again why W11 is magically incompatible with older hardware...
1RedOne@reddit
Same as how windows 8 was a service pack update on windows 7
noodlesdefyyou@reddit
xp was vista without the memory leak
AdmRL_@reddit
Vista came after XP. Vista was XP with a memory leak.
noodlesdefyyou@reddit
oh right, 7 was vista without the memory leak
cheeeeeeeeezits@reddit
To be fair, that’s the version of NT, the underlying OS that has stuck around for decades at this point. Windows 7 was the same way; it’s was technically version 6.1 after Vista was 6.0
GardenWeasel67@reddit
10 years is actually the norm for a Windows OS.
Windows 95 - 6 years
Windows 98 - 8 years
Windows NT 4.0 - 10 years
Windows 2000 - 10 years
Windows XP - 12 years!
Windows Vista - 10 years
Windows 7 - 13 years
Windows 10 - 10 Years
zatset@reddit
You are forgetting the small little issue…that of those 10 years at least 5 are needed in order for the major bugs and problems to be fixed. You definitely don’t want MRI or Radiotherapy machine working with unstable software trying your brain.
fnordhole@reddit
You don't want any of that equipment running on Windows at all.
zatset@reddit
Don't make it Windows vs Linux debate. You do NOT choose what a operating system a custom piece of equipment/machine runs on. You have limited number of manufacturers, budget constraints, certification requirements and medical standard requirements. The situation with stuff that runs Linux is in no way better. Even Linus Tovards had forgotten that the kernel version of the Linux running on such machines had ever existed.
GardenWeasel67@reddit
Oh I know. That is why we have devices still on ESU.
fnordhole@reddit
Windows 2000 was a tank !!
I ran that on my home machines for 10 years straight.
Skipped over XP and Vista and straight to 7.
illhaveubent@reddit
But what's not the norm is that most existing Windows 10 machines cannot be upgraded to Windows 11 due to lack of TPM 2.0 and/or Microsoft's arbitrary 7th gen cutoff. All other Windows versions could be installed without requiring hardware upgrades.
Raichu4u@reddit
This was something I was surprised that the entire corporate world just put up with. With the costs I have been seeing in terms of having to replace entire fleets of computers, I am surprised some big players didn't essentially just tell Microsoft to pound sand.
zatset@reddit
Big players buy in bulk and replace the machines not longer after their warranty support expires. Especially when the hardware was cheap..that wasn’t an issue. I mean filling the landfills in third world countries. But especially in government, healthcare and sector like that.. it’s bad.
Raichu4u@reddit
With the increase in PC's with tariffs, the AI crisis with ram, etc, it just seems like not an insignificant cost though. I have been seeing some of our clients really get squeezed this last year when trying to replace computers.
HotTakes4HotCakes@reddit
Are you talking about moving people from 7 to 8 or 7 to 10? Because they damn sure had good cases for not being moved off of 7 to 8.
And frankly, there's still plenty of downsides to 10 people have decided to just accept and forget about.
TU4AR@reddit
People must be new in IT. I was still supporting XP when 10 dropped.
I get paid to tell them to update, they pay me to keep things in order.
Roarkindrake@reddit
I stuck with it but my work vm runs off VMware horizon and it's breaking on win10. I decided to take the plunge and I'm midway through moving everything to my nas to rebuild on arch. Ima miss apex etc but realistically it's probably better to force myself to learn Linux for work anyway
MortadellaKing@reddit
Windows 11 was the final push I needed to fully ditch windows at home. Even my work laptop I installed Pop OS on it and just RDP to my windows RDS environment.
10 is just so polished and just works, we have a lot of LTSC/IOT Enterprise deployed now for systems that can't be upgraded or can't be disturbed.
Unethical_Gopher_236@reddit
I guess 10 years is too quick
Delicious_Rub_6795@reddit
I have fond memories of XP and 7. Not so much of 98, crashed too often. Since 10 they've been pushing online accounts, onedrive and such... I can't say moving away from XP/7 felt more valid than towards 11, especially in its current state
sevenfiftynorth@reddit
I've been using Windows 11 since October, 2011, and I think Windows 10 looks like a dinosaur operating system at this point.
Foreign_Inside_6609@reddit
As an IT admin for a school board we will have Windows 10 devices for a few more years. But that's just due to the fact that we don't have the budget to replace them all at once.
We'll likely end up purchasing the ESU licenses until we're able to replace them.
ilyas-inthe-cloud@reddit
I'd support it only as an exception tier with ugly pricing and a written cutoff date. If you keep treating Windows 10 like normal support, clients hear "this is fine" and never move. The goal isn't to punish them, it's to make the risk and operational cost impossible to ignore. We did the same thing with legacy infra. once the premium showed up on the invoice, migrations suddenly became urgent.
ZestycloseBag414@reddit
I charge them the same hourly charge. If tvings doesnt work and the device is in W10, Theres not much more i can or will do.
admiralporkchop@reddit
Is their business still functioning? Are there remotely exploitable vulnerabilities that can't be motivated by EDR?
No?
That's called risk management. Soon as there's actual material financial exposure, they should ignore you and keep rockin w10.
whatyoucallmetoday@reddit
There are XP machines still on our open network running equipment. Wish we could get them on a separate network.
pbjamm@reddit
Machine Shop?
I worked in one 15yrs ago and the new mills had XP interface instead of DOS. It was a huge upgrade though it had been retired for years at that point.
Lord_Pinhead@reddit
In my old company, there was a CNC Mill from the company Wiest, build 1984, running with a Commodore Computer for the CNC Part and a Windows 95 added later, to backup the NC programms to a network drive. The adapter never worked on a different system than Win95, so this combo ran till 2022.
Sadly, I had no room for the machine, I would've took it in and reworked it in my spare time.
pbjamm@reddit
I believe it. The machine shop I worked at was for making custom tooling for the vacuum furnaces they sold. The EPROM writer they used for their control firmware was attached to an Apple][. They actually had a store room upstairs that had like 10 backup Apple][ computers in case the one ever failed. In the 6yrs i worked there it never did. Fucking workhorse for decades.
Lord_Pinhead@reddit
Lol nice. I remember in my education company, we had a shop to harden parts in furnaces. They were also computer controlled and the computer was a 486 somewhere hidden in a wall.
We had a truckload of parts for it and our IT boss, a real nerd and hacker we learned a lot from, copied the controller board and made his own controller boards. Reason was, they failed every few years, because of the heat. Any cooling idea did not work, we could not Reposition it because the IO cables were proprietary, so no extension possible, the company building it was long gone. Meanwhile, they updated it because the nerd retired and his successor can't solder a wire, even when his life would depend on it, or create some software for the problem they have. Sadly, he has to go in (paid) to give support from time to time. So no rest for the wicked :)
BoringLime@reddit
When you get into laser, c&c, plasma and oxy burning machines, these are long-term purchases and out last whatever windows OS they ship with them. The machines last around two decades. So they will all eventually be out of date. So we just isolated them all onto there own network. They have a very small number of services they use, which makes that easy to secure.
I inquired about our handful of remaining nt 4 machines, and the cost was between $25k to 50k for them to replace the plc and the computer. It's a package deal. But the reality is they are quickly back out of date. They don't use windows update that I have ever seen, either.
slonk_ma_dink@reddit
Yeah this is the reality in manufacturing. I finally got one clients plasma cutter off of their wireless network due to the onboard wlan card dying. God threw me a bone there, moved them to an automated flash drive-sneakernet workflow which is more reliable anyway.
TheDarthSnarf@reddit
Laughs in NT 4.0...
zatset@reddit
Actually NT 4.0 is pretty decent/stable system. As is Windows 2000. Vista had high system requirements for the time. But Windows10 was fiasco the first years, till they finally fixed it up. And Windows11 is terrible fiaco.
Zealousideal_Ad642@reddit
I dunno about nt4, I remember having to reapply the service pack on nt4 after updating drivers which used to take like an hour. Plus I used to manage citrix metaframe on nt4 and touching print drivers was an lucky dip as to which driver will bsod my server(s) today?
I think 2008 wasn't bad though if you ever dealt with p2v then you ended up with so many ghosted devices which were a pain to remove. The first iteration of 2012 was a disaster. Having to explain that silly metro interface with ppl was such a huge time killer. I lost so much time during one particular project trying to explain to an offshore team that I had indeed installed all the apps on their servers as requested and this is how you find them.
NeverLookBothWays@reddit
Oh man, I’m so sorry.
(Had to support OS/2 way longer than I should have myself)
TheDarthSnarf@reddit
Worked in banking, we supported OS/2 systems WAY past the official end-of-life as all the ATMs, and some other esoteric yet critical systems ran on it.
rileyg98@reddit
ECommStation?
fresh-dork@reddit
those aren't PCs. they're machines with a computerized control system. i'd expect isolated vlan as standard install protocol. especially when the vendor typically doesn't offer upgrades or close shop after 10-15 years
slonk_ma_dink@reddit
It is a PC running a set of PLCs, it might be sold as a computerized control system, which is also is, but that doesn't change that it is a standard windows xp install with custom software, hardware controllers, and associated drivers. Calling my dinner spaghetti doesn't make it not noodles and sauce.
TrilliumHill@reddit
Wait, here me out... What if it's sauce and noodles?
mineral_minion@reddit
We recently had a vendor tell us they were offering an upgrade to the WinXP box controlling the (not-networked) production machine. The upgrade price is equivalent to a new car, and runs... Windows 7.
TkachukMitts@reddit
Yup just had a client get a brand new upgraded machine to run a cutting machine - Brand new on Windows 10. And it’s a rebadged Dell that looks like a 6 year old model.
Some of these proprietary machinery companies are a total joke, and make the laziest tech gear.
theMightBoop@reddit
I support a biochemistry lab. Maybe not as bad but similar.
We have some of these robots that just can’t be upgraded. They cost half a million dollars so they aren’t being replaced. The funny thing is, they do order a new one every so many years but all the old ones are kept in case there is an outbreak of something….and it does happen.
We do keep them all on a separate network though. Also, I have spent the last two years upgrading what I can and whispering in people’s ear to upgrade the really old stuff. We do get funds, it’s just (some) scientists won’t upgrade or change unless you drag them kicking and screaming.
whatyoucallmetoday@reddit
University research. They are on the desktop network.
pbjamm@reddit
shocking. that is genuinely crazy.
cmitsolutions123@reddit (OP)
XP on an open network is genuinely scary. Even a basic VLAN would help - isolate those machines so at least they can't talk to anything they don't need to. Might be worth pushing for even if the equipment itself can't be replaced yet.
MOTIVATE_ME_23@reddit
Make an image, run it from a virtual machine, then put them behind a firewall isolates from the rest of your network.
NailiME84@reddit
Doesn’t always work if the machine physically connects to some old CNC or industrial equipment.
It’s been a while since I had to deal with one myself but at one point I delt with a machine that required a serial (rs232) connection and wouldn’t work with a usb/virtual port.
BatemansChainsaw@reddit
an old company I worked for had a flow solder machine controlled by a system running Windows 98.
yeah let that sink in a bit.
It would have been a nightmare if it had to connect to anything more than a serial port as a passthrough device. apparently it's still running like that.
NailiME84@reddit
I did consulting for a long time and had a customer who had a laser engraver that engraved Dies? basically hardened steel bits to go in other machines... so really hard small metal things.
the lasers mainboard broke and they asked me if i could fix it. It was a custom shaped mainboard with who knows what else on it.
They also needed the machine up and running ASAP cause it was costing them 1000s of dollars an hour.
I informed them they needed to reach out to the manufacturer or vendor because it was well out of scope.
3 weeks later they still hadnt contacted them, turns out the vendor was burned by the company not paying or canceling a contract or something. so they had to fly a tech from the manufacturer in. and ended up replacing the machine anyway.
BatemansChainsaw@reddit
it seems like the standard m.o. of manufacturing companies to burn bridges. not pay their bills. generally be dicks to everyone they owe money to.
or I've had the unlucky privilege of working for some shitty places.
humboldtborn@reddit
We had a win2k computer go down. It was part of the machinery on a box making machine. It was 40k to replace. The whole system had to be upgraded because the computer couldn't be replaced.
m4tic@reddit
Can you use a serial over ethernet/tcp device? We have a client with several of these connected to FUCKING FAX MODEMS so machines can float in a vsphere cluster.
NailiME84@reddit
The one I had delt was a CNC lathe? And required a physical port. From what I remember it also only supported a handful of chip types on the serial port. Thing was a few hundred thousand and was a giant pain to support.
Icy_Manager_8620@reddit
At one place I worked, I was calibrateing HP network analyzer's, and the control program ran on windows 3.1 Had to have a separate PC just for that one item. And the hpib isa card to control it. Ah yes fun times.
VeggieMeatTM@reddit
I have remote LE using XP and IE5 for a web app.
PaintDrinkingPete@reddit
One Win7 box for us... but it's only used for one specific task
worthing0101@reddit
If you need a tool and that tool is controlled by say, a NeXt machine, you do what you gotta do. We had 2 of these at the semi conductor company I worked at until 2020.
Manufacturing environments can be the wild wild West of old/weird ass hardware and operating systems.
Slofut@reddit
Try supporting a network with CNC controllers...don't be surprised to see OS's as old as NT in an environment. We don't network those...sneakernet or nothing.
Michelanvalo@reddit
One of our customers is running Windows 2000 on a few PCs that are network connected. It's a machine shop, of course.
TheRogueMoose@reddit
We have a Windows Vista machine that has our ancient payroll system that HR still enters stuff into... Even though we have a whole new system and that old system has a new version that will allow us to import the super old stuff, they just refuse to spend the money
missed_sla@reddit
Somewhere in my past client list is a person I'm 95% sure is still running NT4. Thankfully, it's offline and only used as a controller for an old gate system.
3dickdog@reddit
My old job still had a few NT 4 servers tied into the edi process that nobody wanted to figure out.
Seicair@reddit
Oh gods. I used to work at a place that was running XP machines, (probably still is, if the hardware hasn’t changed,) but every one of them was airgapped. Files were only added to the computer via vetted thumb drives.
HandIndependent8054@reddit
Oh thank God it's not just us.
Nighteyesv@reddit
If you’ve got a contract with them for support then you better have included clauses on what level of support you provide for EOL operating systems. If you didn’t then that sucks and you should add it to any new contracts to avoid continuing to make the same mistakes.
rossumcapek@reddit
I've got one server still on W10 for complicated reasons. I was able to buy an ESU key to allow updates for another year.
naosuke@reddit
I support OT, so we’re on our own segmented network without access to the internet, but I’m stuck on windows 10 and server 2019. Every couple of weeks I get to answer questions from IT leadership or cybersecurity on what the plan is to move to windows 11, but I explain how much it would cost to update our entire OT environment (about $3mm, last I checked) and then they go away for a while.
binarypower@reddit
window 7 laptops still in production in some of our remote locations
Professional_Bat8938@reddit
This is normal. Getting a vendor to move off EOL sometimes is mind numbing.
1960fl@reddit
90% of actual day to day business work could be performed windows XP, Microsoft will continue to push their SAAS model until small business is crushed by IT overhead and corporate moves back to in-house services and Linux based desktops. Remember Microsoft said years ago it's intended to move retail to a smart NAD that had to have connectivity to function. Pay to play.
Blyatman95@reddit
I work for a small MSP. majority are 5-10 employees at most with a sole owner / director. They don’t have an IT budget, they just have “costs” and view every £10 saved as £10 more into their own pocket. You can lead a horse to water is our primary approach. We’ve told them repeatedly, we tried offering a discount on replacement cost by doing a huge bulk order with our suppliers, at this point I can’t bothered to argue with them anymore. You can’t convince these people as simply don’t think the risk is that bad or will ever affect them specifically.
Very tangential but I’m always amazed how many businesses up and down this country are one dodgy email being opened away from folding.
MerlinTrashMan@reddit
Until I can put my taskbar on the left side of my ultra-wide I will continue to run windows 10
CG_Kilo@reddit
Just have them buy the ESU licenses while slowly upgrading? In 3yrs if theachines can't support an in place upgrade they should be retired anyway and will be not functioning well
anfotero@reddit
Of course, 11 is a trainwreck and not everyone is sold on it.
LoHungTheSilent@reddit
It would be great if the spectrum analyzer people didn't charge 10k for the upgrade.
ledow@reddit
Windows 10 is still receiving updates from Microsoft, especially in the EU (another 2 years minimum). So it's not really "EOL" as such.
But you should have announced when YOUR cutoff was, to all your customers, and then beyond that you don't support any ticket which has come from a Windows 10 machine.
MetalSufficient9522@reddit
What a fantasy world that would be. Just "don't support it". LOL
thebigshoe247@reddit
I recentlyish discovered a Windows 95 Compaq on the plant floor of an industrial plant, which prints labels for bags almost daily.
Rock_Paper_SQUIRREL@reddit
It's always those oddball specific machines in a production environment used by folks who aren't incredibly tech savvy and the machine uses maybe 5% of that department's day but my God is it critical and if it stops running the world comes to a standstill for operations.
Cooleb09@reddit
Which tbh is exacrly the reason not to upgrade it to a 'slop era' OS.
Xp fucking worked.
aes_gcm@reddit
Windows 7 was the last good OS from Microsoft. It's all been downhill from there.
HotTakes4HotCakes@reddit
Windows 10 was "good" in the sense it could be cleaned, un-fucked, and properly controlled if you had the right version and put in the time. Once you've done that, it's a mostly worthy successor to 7. But nobody should have to do all of that just to have a decent OS.
Honestly Windows 10 is not something we'll ever get again, because Windows 10 was the result of the failure of Windows 8. After that failure, Microsoft had to step back, pay attention to what customers were saying, and make something decent again.
And then they started making updates and upgrades mandatory, so that they will never face a failure like that again. Now they no longer have to win over consumers by attracting them to a new os, they can just force them to use it, and out goes considerations for what the customer actually wants.
sloth2008@reddit
Windows 2000 was the best thing ever. No one wanted to upgrade to XP.
XP end of life comes and it is the best thing ever and no one wants win 7.
everyone was right that win8 sucks.
Win 10 comes and 7 is the best thing ever and no one want to change. Now 10 is dead and 11 is the worst thing ever and no one wants to upgrade.
Get back to me in a few years and you will see everyone saying 11 is the best and no one wants 12... unless its another ME or 8.
jasmeralia@reddit
ME was the version that I wish I could forget ever existed. It really was the worst version ever.
Haplo12345@reddit
10 was actually pretty good as well, the main bad thing about it was that consumer OS versions can't control when to install updates.
HotTakes4HotCakes@reddit
You say that like it's a minor thing, but what this really means in practice is that Microsoft no longer has to listen to those consumers. When they can force you to upgrade, they no longer have to worry about giving you what you want to convince you to upgrade. Forced updates are effectively the moment where the userbase lost most of its power to influence the direction of windows.
HotTakes4HotCakes@reddit
That's true of literally all of their equipment. There's really nothing abnormal about an offline computer doing specific things on an old OS. I guarantee there's plenty of other machines on the floor that are using equally if not older software, you just don't think it's notable because it's not Windows.
dustojnikhummer@reddit
In my eyes that is no a computer, it's an embedded industrial machine. Won't touch, don't want to know it exists.
thebigshoe247@reddit
You're not wrong. I did feel bad about removing it from service. It did its job so well...
I didn't recycle it though, it earned a better date. It is now sitting in storage, labelled "DO NOT REMOVE" -- so, likely for eternity.
HotTakes4HotCakes@reddit
Is it off network, and continues to function?
What's the problem?
thebigshoe247@reddit
It was moreso "well shit... Nobody knows who set this up, or how it works, or has backups... We should probably plan for recovering from a failure"
Natirs@reddit
It's not that you don't support it, it's that you charge extra per month for clients that have Windows 10 machines.
FrivolousMe@reddit
And those clients leave and run to whoever will support it. Some of us don't chose our clients btw, and will get blamed for losing them even when it's their bad choice.
Raichu4u@reddit
Maybe it's just me, but I think there should be sterner warnings, and paper trails for the potential inevitable "I told you so" for use of an unsupported windows machine connected to the internet, bare minimum.
We already do not want that on our hands at an MSP. If I were working internal again, I would be doing my best to sound any alarms, because any incident would come back ultimately to you.
mahsab@reddit
And what is this inevitable "I told you so"?
There are still many millions of XP machines and they didn't explode in the last 15 years
Raichu4u@reddit
Have we already forgotten WannaCry? XP machines there were definitely a target vector and led to the spreading of it.
mahsab@reddit
Not that much, really: https://www.theverge.com/2017/5/19/15665488/wannacry-windows-7-version-xp-patched-victim-statistics
marklein@reddit
If they plop a Windows NT computer on the network are you just gonna support it? How about Windows 3.0? At some point you clearly do indeed say 'no'. Where that line is drawn is up to you. We have no Windows 10 machines left in production unless they are getting MS updates via extended contracts.
rswwalker@reddit
I think the biggest driver to upgrade is Microsoft Office will no longer receive updates on Windows 10.
SiberianKitty99@reddit
Office no longer gets updates under Win10? Hoo-rah, that’s a Feature, Not A Bug.
FrivolousMe@reddit
Making it harder for people to accidentally end up on NEW Outlook is the best possibility honestly
Haplo12345@reddit
Yeah, I'm still salty about the Ribbon.
PCRefurbrAbq@reddit
Me too. I still remember planning to test out of the MS Office class to get credit for my two-year degree. I'd been using Office programs for ten years, I didn't need a semester's study and hundreds of dollars for a textbook.
Day of the test, I arrived at the proctored machine. It had Office 2010 with the ribbon. I'd literally never seen it before. (I passed, but still.)
rswwalker@reddit
Well feature updates, it will still receive security updates until Oct 2028.
Drywesi@reddit
…so what's the downside?
rswwalker@reddit
It really depends on what the users want. For me, nuttin, but I’m not exactly an Office power user, I could use LibreOffice or even the janky online Office apps.
AlCapone90@reddit
ehm, you get free esu in eu only for your personal devices. ESU is not free for enterprises...
"We are pleased to learn that Microsoft will provide a no-cost Extended Security Updates (ESU) option for Windows 10 consumer users in the European Economic Area (EEA). We are also glad this option will not require users to back up settings, apps, or credentials, or use Microsoft Rewards."
VexingRaven@reddit
Crazy to me that there are people here who don't know their Win10 machines aren't getting updates.
FrivolousMe@reddit
Fuck Intuit but QuickBooks blasting people with giant warning messages about their computer not getting security updates anymore is probably a good thing.
cmitsolutions123@reddit (OP)
Fair point on the EU extended support - should've been more specific. What I meant was mainstream EOL for most of our client base in the US.
And yeah in hindsight a hard cutoff communicated earlier would've saved headaches. We did send notices but clearly not firm enough. That's actually part of what I'm trying to figure out - what a proper enforcement policy looks like going forward.
ledow@reddit
If you quietly support them, they'll turn around one day and say "But this is your fault, you still supported it so we thought it was OK!".
If you charge them extra, they'll accuse you of profiteering and the implication is that running 10 is still OK so long as you're paying someone.
If you just let them deal with it, they'll blame you for not advising them to move on and then not helping when they need you to migrate them.
The only sensible plan is "From this date, we will no longer accept support requests for Windows 10 machines". A bunch of reminders. A script to detect those users and send them a specific on-the-day email, and another email a month after reminding them, and then your sales guys being told that for every requote those customers must be reminded that Windows 10 machines will NOT be covered under any support or licensing package.
narcissisadmin@reddit
Yeah, but if something's not working on a W10 machine it almost 100% has nothing to do with the fact that it's running W10.
ledow@reddit
Until one day... it is... and you've either promised to support those customers and can do nothing about it, or you've literally taken money from them and they still expect you to magically fix it because you never said it was a problem before.
lart2150@reddit
If you charge hourly and they don't have extended updates I would keep reminding them about the security risk.
cmitsolutions123@reddit (OP)
Yeah that's pretty much where we've landed too. Hourly makes sense because at least you're covered when things inevitably go sideways.
The security reminder thing is a constant battle though - we've tried emails, reports, even showing them actual CVEs that affect their machines. Some clients nod and do nothing. At some point you start wondering if they just need to get hit once before it clicks, which is obviously not something you want to happen but also... kind of feels inevitable with certain ones.
Do you find the reminders actually move people or is it more just CYA at that point?
Hg-203@reddit
I would assume CYA. You’re in a sticky spot as an msp. I lucky to work for my employer and can backchannel information like cyber insurance, pci-dss, and other regulatory requirements to find actual impacts to business to force a change.
This is more of a the client has chosen to accept this risk. You are charging hourly for the customer to maybe pay that risk.
If you could setup another deadline and add a eol system support fee for every eol system you need to touch. You need to update your electrical Medical records system? Not only do you pay the standard hourly wage, but an extra $100 for every eol system I have to touch.
lart2150@reddit
After the first two it's just CYA. It's our responsibility to remind people of risk (security and ability to support) but it's their responsibility to buy new computers.
idontknowlikeapuma@reddit
This here. I am in the US but I have a vpn client so I am still getting updates. I can switch which country I’m “in” with just a dropdown.
I won’t use 11 until they fix it, but for the most part I use Linux anyhow. Fuck Micro$lop.
bionic80@reddit
Just tell the clients any W10 support request incurs a 15% additional service premium to recoup costs. They'll switch faster than you can say bubba gump ate shrimp.
Tymanthius@reddit
The way we do it for EOL items is 'best effort'.
We will do what we can, but we don't guarantee that we can fix it/make it work.
GardenWeasel67@reddit
The machines left on expired OSes are always the most critical to keep running and the most expensive to replace.
thomasmitschke@reddit
Switched to 10-LTSC on machines I use. Users all on W11
totally_sora@reddit
Windows admins are so weird to me sometimes.. what consequences? They’re still updating defender.
Zealousideal_Ad642@reddit
I still deal with the random 2008 server.
It's a bit of a shock when logging on and all the windows have sharp/square edges much like nt4 and windows 3.11
fractumseraph@reddit
Yesterday I got a call from an old lady asking me to help her with her PC. She wasn't able to log in to her Yahoo.
Her PC was running 32 bit Vista. Chrome had long since given up. Someone had added Firefox ESR years ago, but even it wouldn't update last version 158ish. Her browsers were not capable of passing bot checks or even running most javascript pages.
But she won't change anything.
kerubi@reddit
I would tell her to wash her PC thoroughly - to get rid of viruses. Use lots of soap water!
RBeck@reddit
Microsoft's biggest single mistake of that era was was letting manufacturers put Vista on low spec hard with Celeron processors, tiny bit of RAM and rotational drives. It had far too many background tasks competing for resources even when the user wasn't touching anything, there was no way for it to be usable.
fractumseraph@reddit
Windows Vista SP2 AMD Anthlon 4450e 2.3Ghz (2 core) 3gb ram 32 bit system
diablo75@reddit
Eh, I removed the monitor. Literally. That counts for something, right?
rileyg98@reddit
So stop supporting them.
ConsciousEquipment@reddit
...you are acting like the PC will just despawn or stop working immediately at that date lmao
If you knew what shit we have running somewhere, consumer AIO shit with windows 7, random ass laptops with windows 10 etc do you really think we gonna buy a whole assload of new PCs. Literally nothing changes and half of them have probably not seen an update since whatever last forced them to reboot.
bobo_1111@reddit
LTSC here
LitzLizzieee@reddit
We have all our Windows 10 customers on ESU, and at the end of the day we won't be supporting clients if they decide not to upgrade to Windows 11 before the cut off, as they're agreed in our contracts. But I work with enterprise clients and a lot of sysadmins here seem to be from smaller orgs.
Resident1942@reddit
Well, we swap out machines whenever it's out of warranty. So just use that chance to give them a windows 11 pc
nurax7@reddit
Yes. Small shops, but reverted some laptops back to win10 because of the performance hit and bugs. As long as the ESU program gets them patched, they stay on win10 until MS improves the situation.
derpman86@reddit
There is the odd random machine here and there but it is a gradual process of replacing them.
The big issue is " the computer is working fine" so how do you pressure someone into spending 1 plus thousand bucks on a new one when there is.. to them.. little need.
Hilariously these machines perform better than many win 11 with better hardware lol.
timbotheny26@reddit
My church is still running Windows 10 on the computer for the sanctuary lighting if that counts.
It's not on extended support either. :D
drslovak@reddit
Every day
Ok-Double-7982@reddit
I would impose extra security risk service fees for out of support OSs and outline in writing how you can't guarantee reliability on those platforms.
I would also drop those clients, personally. They hire you to support them, but then don't listen for years about Win11? Why? Did you ask them?
r0ndr4s@reddit
And you blame them? Windows 11 is a shitshow
DL72-Alpha@reddit
I have been helping people transition to Linux.
Chili_Clause@reddit
The few that I have still on 10 with the extended year service have all been told that in October they either need a new machine or I cannot guarantee the equipment. They will need to sign an acknowledgment letter that they're willing to go unprotected and that I cannot be held responsible.
Eelroots@reddit
Do you have any SLA or penalties with their business continuity? If yes, you need them to sign a RAL Risk Acceptance Letter.
immortalsteve@reddit
We started making people justify keeping legacy systems around and magically a lot of this sort of pushback stopped. My org is also yuge and contracted directly with MS, so they helped move that along--mostly forcefully.
CSMR250@reddit
What difficulty is their remaining on Windows 10 causing you?
cmitsolutions123@reddit (OP)
Honestly a few things stacking up - security patches are gone so we're sitting ducks when something hits. Vendors are quietly dropping Win10 support so random software just breaks out of nowhere. And cyber insurance carriers are starting to flag unsupported OS during renewals which is becoming a real headache.
Day to day it's fine. It's the slow liability creep that's the problem.
Secret_Account07@reddit
I don’t mean to be rude but why didn’t you guys give them a deadline awhile back. And incentivize them with costs?
We make it so expensive to support Server ESU (08/12 R2, for example) it motivates folks to finally work on something after a decade.
You really gotta make things uncomfortable for folks that don’t adhere to best practice…and it’s not even best practice, it’s a violation of basic SecOps imo lol
zatset@reddit
Excuse my bluntness, but those those people are predominantly paper-pushers that know only 2 words - "BUY", "UPGRADE" and have no connection with reality whatsoever. Flagging things is easy, actually providing options or doing anything about securing things is not.
CSMR250@reddit
It makes sense to pass on the costs.
I'm surprised to see app developers dropping Win10 support as it's still 32% share of windows desktops according to statscounter. Microsoft has just announced this week plans to optimize Windows 11 which would make it a better option for Win10 users https://www.techspot.com/news/111872-microsoft-plans-100-native-windows-11-apps-major.html but that is just a plan at this point.
uptimefordays@reddit
Windows 10 is EoL, why would developers target an unsupported minority of their market?
CSMR250@reddit
Because... their apps don't depend on Microsoft support to function, it's close to 0 extra work, and it's a huge market?
uptimefordays@reddit
Developing for EoL platforms creates ongoing compatibility and security liability while targeting a shrinking user base that has already demonstrated reluctance to adopt updates—even free ones—making them a poor fit for paid software investment. That dev time is better spent on current platforms where the addressable market is larger and growing.
CSMR250@reddit
What dev time is required to support Windows 10?
uptimefordays@reddit
Supporting Windows 10 past its October 2025 EoL date primarily means maintaining a parallel test environment—you'd need Windows 10 runners in your CI pipeline alongside Windows 11 to catch any behavioral differences. API surface between the two is largely compatible for most application types, so the ongoing delta is usually in testing overhead rather than code changes, unless you're using newer Win11-specific APIs.
The bigger question is how long you intend to support it. Microsoft's ESU program extends security coverage for enterprise customers through 2028, so there's some runway, but that's a shrinking and paying-to-stay-behind audience. At some point you'd want a deprecation timeline communicated to users.
If your app has no Win11-exclusive dependencies, the marginal cost to keep Win10 in your test matrix is relatively low short-term—it's more about whether the support burden scales with your user base there.
MortadellaKing@reddit
They can buy up to 3 years of ESU for updates. What's stopping you from selling them that?
MyThinkerThoughts@reddit
Given the supply chain compliance mandates across nearly every sector, things like this can turn into loss of contracts
SpiceIslander2001@reddit
Accoding to Statscounter, Windows 10 still has 30% of the market. In fact, it's share ticked up a bit from Feb 2026 to Mar 2026.
What this means is that IT support operations are going to find themselves still needing to support Windows 10 for a while yet. And to TBH, I'm not surprised. I suspect that many people and businesses are just not seeing a compelling reason to sink the $$$ in hardware and upgrade costs to move to an OS that does not provide any additional perceived value.
It's up to IT to show clearly what that perceived value is, that than just saying "oh, Microsoft is no longer supporting it, so we need to upgrade."
downrightmike@reddit
What do you mean that you don't want your OS to be a glorified Electron javascript app slopped together with zero QA?
strongbadfreak@reddit
I worked for a MSP, they had contracts to charge more for clients who didn't upgrade when things were EOL, I think we charged every time we touched those machines.
Good_Ingenuity_5804@reddit
I found a Windows 7 machine behind the table of boxes in the server room. Took a lot of convincing to build a win11 VM for this app. It required a hardware token, but it does work with VMware
Junior-Tourist3480@reddit
Surprised nobody is still seeing OS/2 still in the wild.
RBeck@reddit
They should see what's controlling the elevator they took their desk.
badaccount99@reddit
I'm still managing CentOS 7 servers. We can't even build a new image of it from Packer because there is no where to download it from anymore.
Our new stuff is of course on the latest OS versions, but getting time from QA and devs to address tech debt is a real problem.
For me it's servers though with code that runs on old stuff and the newer OS doesn't provide that version of PHP/Java/whatever. without a ton of extra work. We just point to the wiz.io graphs and send them to our CIO and hope for the best I guess.
Desktops though? Why are you not upgrading? Licensing? Or god forbid you're running production servers on Windows 10 and not on Windows Server.
JDP87@reddit
A customer of the company I work for is running Windows 7 on several end user computers because that's what their (quite knowledgeable) IT contractor has them on.
chuckycastle@reddit
SIX WHOLE MONTHS AGO!? THE INSANITY!!!
geegol@reddit
I have clients running software that will not run on windows 11. Currently on extended support.
ThreadParticipant@reddit
I’ve still got around two dozen machines on extended patch support for now while I work through a migration plan to Linux.
They’re still perfectly capable for their current workloads, and now that the primary application they rely on supports Linux, it makes sense to transition them over when time allows.
KnaprigaKraakor@reddit
Still supporting them with extra fees, with the written understanding that support services on those machines are delivered on a "best effort" basis, meaning that we will fix stuff if we can but we make no guarantees, and we are not liable for any technical or security issues that arise from their continued use of post-EOL operating systems.
Zerowig@reddit
I don’t understand this thread. This seems like it written from an MSP standpoint due to referring to people as “clients”, but I’ve never heard of an MSP that cares about something out of their control.
If MSP recommends to get off Win10 or else, and client says nah, not a priority. Then who cares? Not your problem MSP. If something bad happens, then that’s on the client.
Funland1a@reddit
Why didn’t you disable their access? That’s the only answer.
igniztion@reddit
I recently visited a client who ha 2008 R2 production servers.
NoneOfTheAbove999@reddit
These people make me nuts. I'm down to a handful (ESU enabled), but come on.
I'd shut them down right now, but the CIO (really) said no. Coincidentally, the CIO had an XP machine on the network 2 years after EOL.
You can't make this stuff up.
AhrimTheBelighted@reddit
I still have 2000 machines on Windows 10 that end users are utilizing and I do not have permission to force fresh them with our life cycle management, so it is what it is.
mrlinkwii@reddit
6 months is nothing , like others have said some people are still supporting XP/win2000
melshaw04@reddit
Yeah we have 2012 servers still in Prod who cares about Win10 lol
Then_Albatross_6725@reddit
This and your replies are obviously all AI. What is going on here?
Alive-Back-4843@reddit
I stressed so hard about getting all my computers up to date by EOL. Every business I walk into still has computers running Win10 and it just makes me laugh tbh
flecom@reddit
wait till you find out how old the version of android is running all those square/clover/toast/whatever POS systems
Alive-Back-4843@reddit
I used to work with Micros and Toast at my last job. Micros is ass but toast is easy to manage
cmitsolutions123@reddit (OP)
This is exactly it lol. You bust your back making sure everything's compliant and then walk into a client site and there's a Win10 machine just sitting there running the till or something. All that stress for nothing.
AgingTrash666@reddit
I'm still supporting Windows XP, quit your bitching
flecom@reddit
laughs in million dollar hardware still running on DOS 6.2 talking to XP "servers"
Tex-Rob@reddit
This user production lines
AgingTrash666@reddit
until we run out of IDE hard drives or 32 bit hardware ... whichever happens first. western civilization will probably collapse first
narcissisadmin@reddit
I'm just hoping that our friends in the EU will bring a massive class-action lawsuit against Microsoft for artificially making W11 incompatible with older hardware.
dontbethefatguy@reddit
I still can’t get my Managing Partner to give me his laptop for two hours, or even leave it in the office overnight for me to upgrade it.
EventPurple612@reddit
Terrible fumble on the part of MS, most of the time people aren't even allowed to upgrade to 11. When XP died you could go to 7 as a working alternative, we're going to see win10 machines running for 10 more years or more until the last non-compliant motherboard fries itself.
We're going to keep supporting those devices at least until the extended coverage expires. I'm not holding my breath for a significant shift in usage of 11 though.
Byany2525@reddit
Lots of win 20 service packs still in service till 2028. Calm down
Hyperion_Silenus@reddit
I'd charge them extra fees for upkeep the older windows operating system. Microsoft offers 1 year protection for windows 10. I think only for professional edition.
BitOfDifference@reddit
meh, i let them know.... and thats it. the security team will hound them to the ends of the earth once i confirm that they were informed. Honestly, windows 11 has been fine but i am not an advocate of upgrading just because something is no longer supported. We have security software, its job is to protect everything it supports ( still supports windows 10/8/7 ). Fun fact, many places are held back by software companies who refuse to test their platforms on newer versions of OSs. They ended support for CentOS years ago and it took Avaya 2 years to put out a new version that runs on Rocky, but an older version of Rocky...
Itsquantium@reddit
Security software doesn't make the device secure on its on own. There's vulnerabilities within EOL OS's that can essentially make it not secure. There's more to hardening a system than just installing some security software on it and calling it a day. By default windows out the box is a Swiss cheese of security holes. Software alone won't fix that.
BitOfDifference@reddit
True, however there is no 100% solution for 100% bleeding edge new or mix of old systems other than air-gapping and disabling all usb. Security and Usability triangle :)
Itsquantium@reddit
The solution would be to not support an EOL OS that has no security patches. After that EOL date, if departments didn't purchase a TPM 2.0 required computer, that's it. Your access is done. No company resources for you. They can be on an isolated VLAN outside of company resources.
BitOfDifference@reddit
Done that before, but the machines actually had TPM chips in them, 1.2 though. Security people like to be hardcore but its quite difficult to force a software company to update a mission critical app on your timeline. When security meets reality i guess. This is why they have risk acceptance.
DestinyForNone@reddit
Moving the last of our Win10LTSC machines onto Win11LTSC and almost done.
No enterprise or pro win10 machines. We threatened to remove them from the network, even if they were being used by expensive production machines.
Sempy0@reddit
I still run a win10 machine on an intel a NUC. I give zero fucks it’s EOL. That’s what my Firewall is for.
usa_reddit@reddit
Windows 11 is trash man. Windows 10 forever!
ImUrFrand@reddit
if you look at the steam hardware survey stats, you'll notice a windows 11 declined by 10% and window 10 gained 10% in the last few months...
this is mainly because they are adding the chinese market to the steam stats, in some cases having to manually correct entries because of translation issues.. (the nvidia 5070 was misrepresented as most used graphics card on steam in february but corrected in march as an example of manually correction).
side note, linux is now over 5% usage because of the additional market coverage.
LecheConCarnie@reddit
Still have around 10 systems running Win10 that are too old to officially update to 11. Purchased an extra year of support from MS on them. And budgeted to move the users to new systems by year end.
Lukage@reddit
*laughs in critical medical systems running XP*
IAmSnort@reddit
Grandma is on W10 and will probably remain so until I get the gumption to switch her to some version of linux.
She doesn't do well with change.
She needs her browser based email (yes, it's AOL) and other websites (mostly medical and Facebook. )
W11 is not worth the HW upgrade for her needs.
I-am-not-in-IT@reddit
Windows 98 is running the HVAC at one of our sites. It's isolated from the rest of the network but it's still spooky.
We have a laptop running XP that controls the signage out by the road. That device also isolated but if either of those devices breaks, we're fucked.
cyber_r0nin@reddit
Sounds like a project to work on before v summer kicks in...
Cormacolinde@reddit
I have a few customers who have a few hanging around, but they’re covered by an ESU licence.
hosalabad@reddit
BD Pyxis can't stand them.
ITDept34@reddit
Anyone on Windows 10 pro got extended updates for free.
britannicker@reddit
Move over to the LTDC version. Job done.
HoosierLarry@reddit
Rufus + W11 25H2…but only in home and non-profit that legitimately relies on charity or member dues and not just failing to budget IT as an opex.
Alternative…Linux and open source software alternatives. Should probably do that anyway on account of failure to implement a proper asset life cycle.
dude_named_will@reddit
Rookie numbers. I'm still supporting Windows XP.
Stonewalled9999@reddit
Laughs in DOS 6.22 and server 2000 there
_paag@reddit
I still have mission critical machines (computers that control medical devices, like ultrasound, mri, the likes of it) running an assortment of versions that makes me really sad.
EOL means nothing to manglement, while things work.
Stonewalled9999@reddit
It’s worked for 20 years it can run another 20 according to finance teams
HoosierLarry@reddit
At least it’s not XP.
lectos1977@reddit
I work for a non profit. I have about 30 Win 10 left. Most of our grants were called DEI or for climate change, like keeping children from killing themselves, or using drugs. Apparently it is DEI to not be homeless so that grant had to go too. So, suffice to say we haven't got the money to even replace them with even super cheap and terrible Win 11,machines. And of course none of them can be force upgraded even thougb they have TPM 2.0 due to some 3rd and 4th Gen i7 CPU issue that cannot be worked around. So, security policies it is.
Stonewalled9999@reddit
Tons of cheap ass doctors and lawyers that refuse to spend any money.
StartAccomplished256@reddit
What s there to support ? There are machines with windows xp that are working just fine.
bobmanuk@reddit
It’s not that they won’t work, it’s that they are a massive security risk.
I’m pretty sure some of the places I’ve worked over the years are still running their bms systems on windows 2000, one place had a 250000+ euro price tag to upgrade all the systems and pc to windows 7 (as it was current at the time) was enough for them to go, you know what, we will eat that risk, make sure that thing never sees the internet again, ever!
StartAccomplished256@reddit
No, they are a security risk if they are managed by brain dead ppl.
Haelios_505@reddit
Windows 11 is so unappealing and getting more so by the day. We still have windows 10 clients but have the machines to replace them in stock. It's just a matter of finding the time to get it done along with everything else going on.
Seriously thought l, it's like Microsoft and broadcom are racing each other to the top of every sysadmins shit list.
Phreakiture@reddit
[Laughs in Industrial Control]
fnordhole@reddit
Fuck Windows 11.
pegz@reddit
You should have charged them for the ESUs are got them licensed.
thepfy1@reddit
We still have a few due to vendors not providing a Windows 11 version yet.
Fortunately, none are my responsibility
No_Yesterday_3260@reddit
Yup.
For some I supply the workaround with setup.exe /server, but told them if any issues that takes more than 15-30 minutes to troubleshoot would be related to the hardware not being supported, and the machine having to be replaced, but generally forced them to replace.
But some companies have it tight on the budget.
That way i put the responsibility on the leadership :)
maceion@reddit
I moved to Linux, my wee elderly tutor group had some of them do the same (do not want or are able to afford new machines!). Change of OS went quite well, except for Adobe products.
TinderSubThrowAway@reddit
Only windows 10? No 7 or XP machines still hanging out?
KAugsburger@reddit
I still see boxes running Windows versions before 10 for things like controlling CNC machines and other older equipment where it would be very expensive to upgrade or impossible to run on a newer OS. It is becoming pretty rare to see workstations used for general office use on those older OSes anymore because a lot of newer software just doesn't run(e.g. web browsers, office applications, etc.). The hardware is also usually so old that it is painfully slow unless they are running some really old applications. Eventually the hardware dies and they don't have much of a choice but to move onto Windows 11.
Outrageous-Guess1350@reddit
I offboarded everyone who didn’t want to upgrade. If a new client is still running Windows 10, they first need to upgrade.
99% upgraded. Took me 18 months of convincing and work to get it there.
cmitsolutions123@reddit (OP)
Respect the hard stance honestly. 18 months is a grind but having that clean baseline is worth it long term. We've been too soft about it and this thread is making me rethink that approach.
Did you lose many clients over the offboarding or did most of them eventually come around?
Outrageous-Guess1350@reddit
Most of them made the jump.
I made it very clear: you depend on me to keep you safe. If you are not willing to upgrade, I cannot do the basic job to keep you safe. Luckily they saw the writing on the wall. I do businesses, so if the computer wasn’t Windows 10 ready it was time to upgrade/invest anyway.
hologrammetry@reddit
I have a couple labs full of Win10 LTSC machines that are compliant with security policy.
Witty_Formal7305@reddit
We still have some non profits who have them kicking around, the ESUs for Year 1 were like $1? $2? Per machine.
More than a few bought a good chunk of them to give them more time to refresh their machines, given how expensive RAM & SSDs are now, I expect more than a few will likely buy year 2 as well since its still stupid cheap for non-profits. All their main / ft staff are on W11, most of these W10 machines are used for part time staff or in computer lab / library environments that only get used a couple times a week for some web browsing or Word, so they're not high priority for them and as long as they buy the ESUs, we don't really care.
tarvijron@reddit
With how Microsoft has been "supporting" Windows 11 customers you'll be supporting Windows 10 until the heat death of the sun. Best real advice - Get a signed acknowledgement of the risks. See if there's a way to run whatever crapulent apps they're still using under WINE or something and pitch them that every time you renew the risk waiver. Just keep the decision to keep using an unsupported OS off your plate and give the customer what they want (as long as they pay for it).
durzo_the_mediocre@reddit
Still using win server 2000 for an old app....air gapped though
RabidTaquito@reddit
Shit, I still use it! At home, for 2 specific games. But I use Arch for everything else.
NoPossibility4178@reddit
Yep I still use it personally and install updates when I feel like, not when Microsoft decides.
Lurk3rAtTheThreshold@reddit
I'm still running 10 at home 😂
nitrobass24@reddit
Just curious how it’s messier? From a business perspective seems like an opportunity to charge clients more money.
cmitsolutions123@reddit (OP)
Ha fair point on paper - and yeah we do charge extra for supporting legacy systems. But the mess isn't really the billing side, it's everything else that comes with it.
You're suddenly the guy responsible when something breaks on an unsupported OS. Security vulnerabilities start stacking up and now you're on the hook if a client gets hit. Insurance and compliance conversations get complicated fast. And the clients who never upgraded are usually the same ones who fight every invoice anyway.
So yeah you can charge more, but you're also inheriting a liability that no hourly rate fully covers. That's the messy part.
OkDimension@reddit
But security vulnerabilities are still getting patched? For most users it's even free if you connect that computer with a Microsoft account. If that's not possible run the patches manually?
Fritzo2162@reddit
A good 25% of our clients didn't upgrade yet. A lot of cases it involves the pc being used for equipment, so it's more of an appliance than a workstation. Others blew their annual budget on server and infrastructure upgrades last year trying to get in before tariffs and data center component hoarding. We support about 10000 seats, but I expect they'll all be off of Win10 by the end of this year.
SmashesIt@reddit
I asked MS to give me another year and they said Ok
Weird_Definition_785@reddit
You will still be seeing this a decade from now. I assume you weren't supporting XP.
Ron-Swanson-Mustache@reddit
First time with a major OS going EOL?
Shit, this year was the first year I got budget to move everything to Windows 11.
chillzatl@reddit
We have situations where software prevents the upgrade and in those cases they pay for ESU. Everyone else was upgraded long ago.
Those are, IMO, the only acceptable options.
zesar667@reddit
We Put a Job in Ninja rmm to Upgrade
Tymanthius@reddit
fffttttt - still have clients with Server 2006.
FieryHDD@reddit
I have one more pc in our domains with ESU.
One laptop just for updating our yeamink headphones
SiberianKitty99@reddit
Heh. I have two WinXP systems running at the office right now. They control large, expensive, (hundreds of thousands of dollars) machines which still work despite having started with NT 4 systems as controllers. The vendors never released drivers for Vista and up. We have a few spare XP machines sitting in storage, already set up; every so often they’re tested to be sure they still work. The old systems are locked away from all outside connections, down to USB devices; it’s a termination offense to plug in an unauthorized USB device. Physical security is maintained; they’re behind key card operated doors. One day the machines they control will die, and we will get newer machines. Until then, they run. Using WinXP. EOL, what’s that?
I personally have an ancient beige G3 PowerMac running Jaguar (I put Panther on it; this was an error, I put Jag back) and an ancient eMac (that’s eMac, not, repeat, NOT iMac) running Leopard. Both aren’t connected to a network. I have an old Win7 unit sitting next to them. One more time: EOL, what’s that?
UrWHThurtZ@reddit
It’s windows 10 … be lucky it’s not XP or 7. Just support them as usual. It’s extremely rare that you would ever have to get Microsoft support on the phone anyway.
Confident-Pepper-562@reddit
Its not about microsoft support, no one calls microsoft support. its about not getting security patches, which is a big deal when part of your job is ensuring the security of your clients systems.
9000Kilo@reddit
We have a number og machines that works perfectly - but they are not approved for windows 11. I did upgrade a laptop to win11 - what a mess. That was the drop to try out Linux - what an absolute pleasure. I will be moving most users to Linux Zorin within the next 6 months. Most just run cloud based stuff and they will hardly notice the change.
Substantial_Tough289@reddit
We do, some of our PCs were not upgradable to W11 so they stayed in W10; they all work fine.
a60v@reddit
As long as they are paying for extended update support, that is fine. If they are running standalone or on an air-gapped network (maybe running an industrial control system), that is fine, with the limitation that they will not be able to get bug fix patches. If they are on a public network, then you have to refuse, as there is no responsible way to provide support for them.
Pazuuuzu@reddit
We have machines running 2000 on air-gapped networks :D
CeC-P@reddit
Some of our clients have XP machines driving their CNC machines still. They haven't even virtualized them yet.
iceph03nix@reddit
We've got a vendor who provides certain task specific server-desktop computers. They work very heavily from golden images, and they have not done anything I can see to update those images to 11.
We've talked to the C-suite folks on it, but there's not much we can do on our end. Next insurance security audit should be fun...
alloygeek@reddit
I worked for a machine shop years ago- they just spent 10 million on a brand new machine, that ran XP- (one year before XP went EOL) and last I heard it is still running. The company that made it is defunct, and a replacement means another 9 figure+ piece of equipment to replace a functional device. From a non tech perspective its easy to understand why they do it. Sucks for us but it is what it is. Industrial control systems, SCADA and others are notorious for using horrifically out of date software- in some cases shipped 'new' with EOL software.
mullexwing@reddit
We got completely off Win10 by the end of September. Then I've noticed ever since I still see monthly cumulatives showing up in my MECM each month. I'm curious if those are actually working or do they error out if you didn't pay for the extended support.
halxp01@reddit
Windows 10 LTSC has entered the chat.
coco_shibe@reddit
Yeah I got a few client sites that are still running win 10 pro. We make it clear that we while we can monitor and support them we cant secure the devices and liabilities are set to them only unless they move to win 11 pro. We offered them several times to slowly upgrade their office but the manager, who was the owners husband, thinks its not needed and we are trying to sell him. This is a medical facility btw and they continue to fail our hipaa compliance audits internally. Been begging my boss to cut them loose as a client.
-King-K-Rool-@reddit
Medical industry sucks ass and I get to stress out on a daily but one benefit is that none of them actually know HIPAA compliance theyre just scared of it so I get to say "this is a security risk, in order to maintain HIPAA compliance for the foreseeable future we need to..." and they listen to me on any security topic. The fact that HIPAA can fine not only the organization but also the individual scares them into compliance much more than any other industry. Ive had zero issues moving people from windows 10 to 11 aside from the Constantine whining about it while they let me do it, which i just say "ya I hate it too, HIPAA though man"
maobezw@reddit
i even have to keep win 7 box alive atm. \^\^
itsmerowe@reddit
I have Windows 98 in my shop still (controller card is ISA), but thankfully it's a closed network.
duranfan@reddit
I was in a local pizza shop last night, and their wall-mounted order list showed a Windows 7 lock screen. I almost laughed, but I did cringe a little.
Familiar_While2900@reddit
*Laughs in Windows 7 *
Wonderful-Jury-4058@reddit
In India, people are still using windows 7
TechinBellevue@reddit
Ran an MSP.
Our contracts were specific - we only managed hardware that was under warranty and software that was not EOL.
If a company was serious about IT and security they would not have an issue with that.
It took a while to get us there - either through educating the client execs or culling the ones who refused.
derfmcdoogal@reddit
We have some that are glorified maps (Surface tablets). They aren't connected to the internet.
Wolfram_And_Hart@reddit
They get updates as released as per normal. But we don’t mess with driver problems.
xixi2@reddit
Me. I'm the client.
My home PC isn't compatible with 11 and Ram is $4000
Weird_Lawfulness_298@reddit
We only have a handful that can't currently be upgraded due to the software that they are running but are working with the vendors on software updates. We have moved some of those to the LTSC branch. We don't really have any people that are using Windows 10 on their work computers though.
SlyCooperKing_OG@reddit
I’m actively still trying to migrate people. Embedded systems are still a money pit, but if a user with no complaints isn’t moving. Then it’s a manager issue.
Confident-Pepper-562@reddit
Microsoft sells a license for extended support for security updates.
For the few users who refuse or are unable to upgrade for application specific reasons, we have been just passing on the cost of the license (i think its good for one year, and then subsequent years will need new license that costs twice as much)
Extended Security Updates (ESU) program for Windows 10 | Microsoft Learn
HikeTheSky@reddit
There are still machines that run 3.1 because the software they are using wasn't upgraded it is still in existence. So you let these people take their own risks.
ISeeDeadPackets@reddit
If your time to them is "unlimited" but could be billed to their department or you're an MSP or something, just tell them all Windows 10 support is now T&M only.
Sceptically@reddit
I helped with an XP computer just a couple of weeks ago. And a Windows 7 computer the day before yesterday. Plus Windows 10 is still all over the place.
tapakip@reddit
We just disable access to the machines remotely, but we own the machines for our org, this isn't a client situation.
Nandulal@reddit
lol you must be new here :D
codyturntrout@reddit
We had a windows ME box that was hooked to a printer untill a year or two ago. Luckily it was completely off the network and they just used it to print Physical Therapy instructions.
GardenWeasel67@reddit
LTSR or ESUs
itskdog@reddit
For budget reasons (school), we weren't able to replace all our PCs, so got ESUs (which changed price form $1 to free for year 1, at least here in the UK), and we're replacing them as and when we can. Laptops have been replaced now, just need to do the desktops now.
AlertStock4954@reddit
Heh, I’m looking to mark the XP/Server 2003 migration complete by the end of the year (if I’m lucky)
Low_Information7444@reddit
I'm still supporting Windows XP VM as a "side business" due to speciality software not supporting anything newer. So it could be worse!
cmitsolutions123@reddit (OP)
Windows XP VM I actually respect that level of commitment lol. At least a VM has some isolation. My pain is physical machines running Win10 on the actual network with no containment whatsoever. You win this one.
dnz007@reddit
First time?