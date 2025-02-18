Infopackets Reader Dennis J. writes:

" Dear Dennis,

What happens when Windows 10 reaches end of life after October 14, 2025? My computer isn't compatible with upgrading to Windows 11. Will I still be able to operate using Windows 10 safely? I have MalwareBytes but I don't understand these things. I'm retired, and just shy of 80, and can't afford a new computer this year. I'd appreciate your advice thank you. "

My response:

Thanks for your question.

After October 14, 2025 your Windows 10 PC will no longer receive security updates. Simply put: if there is an operating system exploit in the wild (also known as a "zero-day exploit"), Windows 10 won't be patched and your system will likely become infected with a zero-day exploit at some point.

What's the Worst That Can Happen? What's Likely to Happen?

As far as security implications go: some, but not all zero-day exploits will allow for automatic remote code execution, which means malware can be deployed to your machine simply by having it connected to the Internet.

This has been noted many times in the past, especially Windows XP which did not utilize User Access Control (i.e., request administrative access rights) before executing binaries. The article below illustrates my point exactly and also includes link to a video:

https://www.xda-developers.com/connected-windows-xp-Internet-didnt-survive-long/

Ransomware and Remote Access Galore - Oh My!

The majority of the malware deployed in such a scenario would most likely be either ransomware or remote access Trojan(s).

In the case of ransomware: all your files will be encrypted and unreadable. The only way to get the data back is to pay hefty sums (READ: thousands of dollars) to gangs of ransomware cyber criminals with no guarantees of getting your data back, and certainly no way to prevent another ransomware occurrence from happening in the future because your system is already unpatchable. You would be absolutely stupid to think that it wouldn't happen again if you kept on keepin' on.

In the case of a remote access Trojan, scammers will be able to connect to your machine remotely and watch your every move, including recording your keystrokes, which includes passwords and credit card numbers. This will also inevitably lead to the draining your bank accounts and identity theft.

Real Word Scenario: I Recently Discovered a Cyber Criminal Gang in Moldova

I have personally worked on cases like this - in fact, I just worked on one last week where scammers from Moldova had infected a victim's machine.

Once in, they monitored him (Joe) and then ordered a batch of checks in the victim's name (who lives in Florida) and had them delivered to Michigan, where they tried to cash multiple $4,000+ checks repeatedly. Quite shockingly, the bank downplayed the threat after Joe was notified checks were delivered to another mailing address not his. He ended up changing his bank accounts, which was the right move. In a strange twist, he then received a letter from the bank that checks in his name were bouncing left, right, and center. No shit!

The same group of scammers also infected a friend of the victim a few months prior (Jackie); in this case, Jackie had extremely lax security on her browsers, including auto browser logins to her bank accounts without any challenge or time-outs to prevent auto-fill. They got in to her bank and tried to transfer out $6,000+ repeatedly from her accounts.

The scammers were able to extend their reach because once they gained access to Joe's machine, they started sending emails (in Joe's name) to others on his email contact list asking recipients to look over an "invoice," which was in fact hidden remote access that allowed the scammers into more new machines.

(For those wondering, I was able to determine the cyber criminals were in Moldova because they installed ScreenConnect - the same software I use to connect to my clients remotely. I analyzed the ScreenConnect installation files to determine the location of the ScreenConnect server, which pointed back to Moldova in both Joe's and Jackie's cases).

If these scenarios don't sound like a good option for you, then I suggest changing out the PC hardware.

Here's why -

No Security Software Can Patch an Out of Date Operating System 100%

No security program (Malwarebytes, antivirus, firewall, etc) will stop a zero-day exploit because by nature, a zero-day exploit means that there are no fixes the moment it is discovered and scammers can waltz right into the machine simply by having it connected to the Internet - all without you knowing - or at least, until it's too late.

A permanent zero-day exploit means that there will never be a fix, which is often the case for operating systems that do not receive security updates - including Windows 10 post October 14, 2025. Relying on a patch after the fact, or hoping there is some kind of third-party workaround is simply playing Russian Moldovan roulette with your data and finances.

Also, thinking that a zero-day exploit won't happen on the exact day Windows 10 reaches end of life (October 14, 2025) is faulty logic because there may already be zero-day exploits in the wild that haven't been discovered and malware distributors are simply counting down the days.

Some people reading this article will say "I've used an out of date OS and never been infected!". Well, good for you - pat yourself on the back for a job well done (you may already be infected and not know it) - but I'm not taking any chances, and for me to recommend otherwise would be asinine.

Here is yet another news article to back up what I said:

https://www.bitdefender.com/en-us/blog/businessinsights/new-windows-zero-day-exploited-in-the-wild-no-patch-in-sight

One Alternative: Use Linux

All of this doom and gloom isn't meant to scare you. It's simply a reality.

One solution is to change the operating system to one that is up to date and doesn't require TPM (trusted platform module, which is a requirement for Windows 11 that most pre-2018 machines don't have).

In this case, Linux is a good choice - Ubuntu and variants are very popular choices. I personally like AlmaLinux because I'm a CentOS (Redhat) guy.

Beware - Linux is not Windows

As the header above suggests, Linux is most definitely NOT Windows and there is a steep learning curve involved, especially when it comes to using the shell or managing operating system components.

Based on my experience of 24 years of using Linux, I can tell you that:

More often than not, trying to install something on Linux can break because it requires dependencies that may not have been included (or are missing on your flavor of Linux), which almost always requires some investigative work using the Linux shell. Using the Linux shell will require some deep understanding of how Linux works and if you're not familiar, you're going to have one hell of a time trying to understand it. In this case, probing questions using AI can help.

Troubleshooting Linux (in terms of patching / fixing dependencies) means lots of Googling and wading through oodles of pages written in ultra Linux-speak, then manually locating and patching the appropriate dependencies and trying to patch whatever it is you were originally trying to patch again. If it fails, well, you might have a nice mess to clean up and your 'patch job' may have also broken other dependencies which will most definitely cause you to swear. Ask me how I know.

And, because Linux is not Windows, you won't be able to use the programs you normally use - unless you use a Windows emulator like Wine - but there is no guarantee it will work 100%, even if the program has been ported to Linux (without an emulator required).

You certainly won't be able to play games properly even with Wine because Wine is emulating Windows, which is going to slow things down considerably. Also, video card drivers probably won't work properly under Wine.

Yes, Linux is Good Enough if All You Do is Browse and Email

Some may argue Linux is good enough for browsing the web and reading emails, and if that's all you do, great - use Linux and be done with it and pray you never have to manually patch anything.

For me: ain't nothing like the real thing baby - I'll take a fully supported and patched Windows, thanks. I've been using Linux since 2001 and program scripts in the Linux environment daily, but still prefer the awesomeness and ease-of-use of Windows.

There's a reason why Windows is used as much as it is world-wide. It just works. Most people use Windows because Windows is easy to use and there is a ton of software for it.

It all makes sense.

Another Option: Get a New / Used Windows PC and Port Your Data - I Can Help

Another alternative is that you can get a good, used PC on eBay that can run Windows 11. Be careful here because not all PC's are equal. Some are faster than others, some (like 13th and 14th gen Intel processors) may self-destruct.

If you're not sure what to get, I can make a recommendation for you - one that is more than adequate and that will be plenty fast

I can also build you an exceptional, custom PC and ship it to your door.

Once you receive your new system, I do all the heavy lifting, including remotely transfer all of your data from the old PC to the new one and set up backups and customize anything else you might need.

I can even virtualize your existing hardware and make it live on the new machine until all your data has been ported over. You can use your old machine as if it was still alive until things have been finalized.

I would like to note that I am Better Business Bureau A+ accredited with zero complaints and have been in business now for 24 years at the time of writing this article.

Another Option: Live Dangerously and Ignore What I said

If you have no intentions of heeding any of my advice and wish to keep on truckin' with an unsupported Windows 10 when that day inevitably comes, then the absolute minimum you should do is make regular backups of your machine and keep those backups offline, meaning that the hard drive that stores your backups should NOT be attached to your machine in case your system is compromised.

You should also practice reverting your data so there aren't any surprises - there's no worse feeling than attempting to do a restore and having the restore fail.

Tips: keep multiple backup sets, test the backups and rotate the backups. Use multiple backup drives if possible in case one of your drives die. Disk images are your friend. But it's all easier said than done if you're not familiar with these concepts.

Once again, if you need help with this, I can assist remotely and by phone.

Lastly: don't bitch if your Windows 10 gets compromised, because, well, you asked for it. If it does happen, expect it to happen again and again because most break-ins are automated by bots that will probe your machine 24/7 looking for a way in. I know this to be true because my web server is constantly being probed and tested by bots in China and Russia all day long, every day (at least, that's what my logs say).