- Windows 10 has received its final security update
- It fixes 172 security flaws in the OS, including six zero-day vulnerabilities
- It's a sobering thought to imagine how these security holes will mount up over the months for those who don't sign up for extended support
Windows 10 has received its last ever update - at least as far as official support goes - and it's something of an eye-opener as to the dangers you might face if you carry on using the operating system beyond its End of Life.
Bleeping Computer reports that the October 2025 update comes with a whole load of fixes for security problems in Windows 10.
In fact, this final cumulative update for Windows 10 carries the cure for 172 security flaws, and that includes six zero-day vulnerabilities.
A zero-day vulnerability is a security hole in Windows 10 that Microsoft didn't know about when the attack vector emerged and was made public. The name refers to the fact that Microsoft had zero days to respond to the threat (in other words, it wasn't discovered by the developer and patched in advance - as is ideally the case).
So, these are worrying flaws – because malicious actors may be trying to exploit them, given their unaddressed nature – and the patches for them are contained in this October update.
The fixed zero-day issues in Windows 10 include a flaw in the Windows Remote Access Connection Manager, a Secure Boot bypass, and a hole in TPM 2.0 (somewhat ironically, as this is the security feature that's needed for an upgrade to Windows 11, functionality that some Windows 10 PCs are lacking, which rules them out).
Analysis: flawed thinking
Reading about security vulnerabilities is always dull and dry stuff, and often, they're in elements of Windows that you won't go near - like the Remote Access Connection Manager (and one of the zero-days is a flaw in a fax modem driver, believe it or not).
However, there are still over 170 security issues here – and that's just in one month. Six months down the road, you're looking at a thousand of these little holes in Windows 10, and in time, the older OS will become a veritable security sieve, as it were.
The way these vulnerabilities multiply underscores why it's best not to keep running Windows 10 without security updates, even if that's a course some people will doubtless take (as happened with Windows 7).
If you want to argue that you really don't need security updates for Windows 10 from Microsoft, I've covered why you most likely do in a recent article. And there's really no excuse with Windows 10, seeing as consumers can get a year of additional support for free via Microsoft's Extended Security Updates (ESU) program (and while there's a small catch to that ESU, it's no big deal in my book).
You might also like
- Microsoft reveals plan to 'make every Windows 11 PC an AI PC' with new voice input, Copilot Vision and supercharged AI powers
- Microsoft promises to crack one of the biggest problems with Windows 11: slow performance
- Microsoft exec's vision of Windows 12 and beyond could terrify some of you
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.