The Windows 11 Upgrade Crisis: Why Millions of PCs Pose a Major Security Risk
A critical deadline is looming for businesses and public sector organizations around the world: October 14, 2025. On this date, Microsoft will officially end support for Windows 10, leaving millions of computers without vital security updates. For many, the solution is a simple upgrade to Windows 11. However, a massive number of devices, particularly within critical infrastructure like the UK’s National Health Service (NHS), are unable to make the switch, creating a ticking digital time bomb.
The core of the problem lies not with software, but with hardware. It has been revealed that a staggering number of computers purchased for the NHS in recent years do not meet the minimum hardware requirements for Windows 11. This has left nearly one million NHS computers—approximately 40% of the entire system’s PC estate—stuck on an operating system that will soon become obsolete and dangerously insecure.
Why Can’t These Computers Be Upgraded?
The roadblock is Microsoft’s strict hardware requirements for Windows 11, which were designed to enhance security at a fundamental level. Unlike previous OS transitions, this upgrade isn’t just about processing power or memory. The key requirements include:
- A modern processor from a specific list of approved CPUs.
- A Trusted Platform Module (TPM) 2.0 chip, which provides hardware-based encryption and security features.
Many of the PCs supplied to large organizations were built to meet the minimum specifications for Windows 10 to keep procurement costs down. While functional for their time, they were not future-proofed and often lack a TPM 2.0 chip or feature an older, unsupported processor. As a result, they are physically incapable of running Windows 11, leaving a full hardware replacement as the only viable long-term solution.
A Looming Cybersecurity Catastrophe
Operating a computer on an unsupported operating system is extraordinarily risky. Once Windows 10 support ends, Microsoft will no longer release security patches for newly discovered vulnerabilities. This means every PC still running the OS will become an easy target for cybercriminals deploying malware, ransomware, and data theft tools.
This situation is dangerously reminiscent of the lead-up to the 2017 WannaCry ransomware attack, which caused chaos across the globe and severely impacted the NHS. That attack exploited a vulnerability in older, unsupported versions of Windows, crippling hospital systems, delaying appointments, and putting patient data at risk. History has shown that failing to modernize IT infrastructure in healthcare doesn’t just cause technical headaches—it can have life-or-death consequences.
With a deadline of October 2025, the race is on to replace nearly a million machines. This is a monumental task that presents immense logistical and financial challenges. While Microsoft may offer Extended Security Updates (ESUs) for a fee, this is a costly, temporary solution that only delays the inevitable need for a full hardware refresh.
Protecting Your Organization: A Proactive Checklist
This issue extends far beyond the public sector. Businesses of all sizes may be facing a similar hardware cliff without realizing it. Now is the time to act to avoid being exposed to unacceptable security risks.
Conduct a Full Hardware Audit: The first step is to understand your exposure. Systematically inventory all company computers to identify which devices are not compatible with Windows 11. Microsoft’s PC Health Check app can help determine compatibility on a machine-by-machine basis.
Develop a Migration and Replacement Plan: For incompatible devices, you must create a clear, budgeted plan for replacement. Prioritize machines used by employees with access to sensitive data or those that control critical business functions.
Don’t Wait for the Deadline: The global demand for new PCs will likely spike as the 2025 deadline approaches, potentially leading to supply chain issues and price increases. Begin your procurement process early to ensure a smooth transition.
Enhance Security on Legacy Systems: For any machines that absolutely cannot be replaced before the deadline, implement additional security measures. This includes network segmentation to isolate them from the main network, enhanced monitoring, and strict access controls. However, view these as temporary measures, not a permanent fix.
The challenge of migrating from Windows 10 is a stark reminder that short-term savings in IT procurement can lead to much greater long-term costs and risks. For organizations of all sizes, proactive investment in modern, secure technology isn’t just a best practice—it’s an essential element of survival in today’s digital landscape. The cost of preparation is always lower than the cost of a catastrophic failure.
Source: https://go.theregister.com/feed/www.theregister.com/2025/10/31/nhs_windows_11_issues/
