Millions of computers still run Windows 10

Millions of computers are still running Windows 10

Reading Time: 4 minutes

Almost a year after the end of official support for Windows 10, many organizations still use this operating system in their IT infrastructure. Although, at first glance, computers continue to function normally, the reality from a security perspective is completely different.

This article is based on an analysis published by Lansweeper. Data collected from millions of IT assets and tens of thousands of organizations worldwide shows that devices running Windows 10 accumulate almost three times more active vulnerabilities than those with Windows 11. The difference is not just statistical; it represents a concrete risk to company security and operational continuity.

Windows 11 dominates, but millions of PCs still use Windows 10

According to Lansweeper data, Windows 11 runs on approximately 78.8% of Windows devices, while 16.9% of PCs still use Windows 10. In other words, about one in six PCs continues to run on an operating system that no longer receives security updates.

The accelerated migration observed before the end of Microsoft’s support has slowed significantly. Organizations that could upgrade have already done so, and those remaining generally face implementation difficulties. These can vary: incompatible hardware, old applications, or budget constraints.

Windows 10 share of Windows clients

The real difference between Windows 10 and 11 is the level of risk

The most important indicator presented by Lansweeper is not the percentage of migrated devices, but the level of exposure to vulnerabilities.

The analysis shows that:

  • a device with Windows 10 has an average of 1,903 active vulnerabilities (CVEs);
  • a device with Windows 11 has approximately 652 active vulnerabilities.

The result is a ratio of approximately 2.9 to 1, meaning that Windows 10 systems are exposed to almost three times higher risk.

More concerning is that this difference continues to grow every month. Microsoft publishes security fixes for Windows 11, but similar vulnerabilities discovered in Windows 10 are no longer corrected through standard updates.

It’s not just the number of vulnerabilities that matters, but also their severity

Lansweeper data highlights an even more important aspect.

Of the total vulnerabilities identified on Windows 10 devices:

  • 66.6% are classified as High or Critical;
  • 2.4% are actively exploited vulnerabilities in real attacks (“known exploited”).
Windows 10 vs Windows 11 risk level

This means that many of the existing problems are not just theoretical. They are already being used by attackers in ransomware campaigns, malware, or compromising IT infrastructures.

Additionally, specialists explain the phenomenon of patch diffing: after publishing updates for Windows 11, attackers analyze the changes and identify the same uncorrected vulnerabilities in Windows 10, developing dedicated exploits.

Why do organizations still use Windows 10?

At first glance, the answer seems simple: costs. In reality, the situation is more complex.

SMEs lag the most

Small and medium-sized companies account for the largest share of Windows 10 devices.

According to Lansweeper data:

  • 21.4% of PCs owned by small and medium-sized companies still run Windows 10;
  • in enterprise organizations, the percentage is 16.6%.

The explanation is mainly due to limited budgets and longer equipment replacement cycles.

The use of Windows 10 differs significantly by industry

The distribution is not uniform across economic sectors. The highest percentages of Windows 10 systems are found in:

  • healthcare and pharmaceutical industry (23%);
  • retail and consumer goods (22.7%);
  • industrial manufacturing (18%).

These areas frequently use certified equipment, POS terminals, industrial controllers, or devices integrated into technological processes, where changing the operating system requires costly validations or even the replacement of the entire equipment.

Some systems cannot even be updated

Another interesting result of the study is that not all Windows 10 devices can be migrated.

Lansweeper estimates that approximately 2.8% of Windows 10 systems use hardware incompatible with Windows 11, meaning the only solution is physical equipment replacement.

These situations are common in the case of:

  • POS terminals;
  • industrial equipment;
  • rugged devices;
  • systems integrated into production lines.

The difference is important from an IT planning perspective: a compatible computer represents a migration project, while an incompatible one involves investments in new hardware.

The risk is not only technical but also compliance-related

Using an unsupported operating system also affects compliance with modern security standards.

Organizations that must comply with data protection requirements, security audits, or standards such as ISO 27001 and cyber resilience requirements may encounter difficulties in justifying the use of systems without official support.

Additionally, cyber risk insurance and external audits are increasingly scrutinizing the existence of End of Life systems in a company’s infrastructure.

Extended Security Updates are not a permanent solution

Microsoft offers the Extended Security Updates (ESU) program for certain categories of users, but this should be seen as a temporary solution.

The program extends the availability of security updates for a limited period and at a cost, without eliminating the need to migrate to a supported platform. According to Lansweeper, after this period expires, a significant number of devices will automatically fall into the category of completely unsupported systems.

Conclusion

The data published by Lansweeper confirms what cybersecurity specialists anticipated: the problem is no longer how many organizations use Windows 10, but the level of risk they are taking.

A Windows 10 device exposes the organization to almost three times more active vulnerabilities than a Windows 11 PC, and the difference will continue to grow as new security updates become available exclusively for supported platforms. For companies, migration is no longer just an IT modernization project, but an essential measure to reduce operational risk, ensure compliance, and protect against cyberattacks.

Source: lansweeper.com

Leave a Reply

Your email address will not be published. Required fields are marked *