Full Report
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates. [...]
Analysis Summary
# Vulnerability: False Windows 10 End-of-Support Warnings Post-October 2025 Updates
## CVE Details
- CVE ID: Not disclosed in the provided context. This appears to be a cosmetic software defect rather than a security vulnerability requiring a CVE.
- CVSS Score: Not Applicable (Cosmetic Issue)
- CWE: Not Applicable
## Affected Systems
- Products: Windows 10 (Pro, Education, Enterprise editions), Windows 10 Enterprise LTSC 2021, Windows 10 IoT Enterprise LTSC 2021.
- Versions: Windows 10 version 22H2 (for ESU participants and LTSC versions).
- Configurations: Systems enrolled in the Extended Security Updates (ESU) program (with activated ESU product keys) or systems running supported LTSC versions (Enterprise LTSC 2021 until Jan 2032, IoT Enterprise LTSC 2021 until Jan 2029).
## Vulnerability Description
A software defect introduced after the October 2025 updates caused the Windows Update Settings page to incorrectly display an "Your version of Windows has reached the end of support" warning on systems that are still actively receiving security updates (either via ESU or because they are LTSC versions still within their support lifecycle). The functional impact is purely cosmetic, as security updates continue to be delivered.
## Exploitation
- Status: Not exploited (Cosmetic flaw, not a security vulnerability).
- Complexity: Not Applicable
- Attack Vector: Not Applicable
## Impact
- Confidentiality: No Impact
- Integrity: No Impact (Functionality remains intact; only display is affected)
- Availability: No Impact
## Remediation
### Patches
- **Cumulative Update KB5068781:** Released November 11, 2025, this update resolves the issue for all customers enrolled in the ESU program.
- All subsequent Windows 10 updates released after KB5068781 should also contain the fix.
### Workarounds
For enterprise-managed devices where KB5068781 cannot be immediately deployed, the incorrect warning messages can be suppressed by installing the following Known Issue Rollback (KIR) group policy package:
- **KIR Group Policy:** Applicable to Windows 10 versions 20H2, 21H1, 21H2, and 22H2.
*Note: An earlier cloud configuration update was deployed automatically, but might not apply to systems lacking consistent internet connectivity or those blocking OneSettings downloads.*
## Detection
- **Indicators of Compromise:** The presence of the message "Your version of Windows has reached the end of support" on the Windows Update Settings page on systems known to be on ESU or LTSC support tracks.
- **Detection methods and tools:** Auditing Windows Update settings pages or verifying the installation status of KB5068781.
## References
- Microsoft Advisory regarding Windows 10 ESU and support status.
- KB5068781 Update Information.