Information Systems & Computing (ISC) is providing a one-time, one-year extension to Windows 10 security updates for Penn's institutionally owned systems.
Background
Penn has made excellent progress in this area, and ISC is gratified by the hard work done across campus. Since the beginning of FY2025, over 40% of the managed Windows installed base has transitioned from Windows 10 to Windows 11. Penn's institutional Windows 11 installed base is now almost 85%.
However, it is clear that the University will not reduce its Windows 10 installed base to zero by October 14, 2025, when Windows 10 leaves standard support.
ISC has made a one-time-only purchase of Extended Security Updates (ESU) for Windows 10. This purchase was sized for the number of systems visible in University management tools and is intended primarily for systems that cannot be upgraded to Windows 11 because they do not meet the technical requirements. It will extend security updates for one additional year—until mid-October 2026.
Technical Details
ISC has created an ESU enrollment fixlet “CONFIGURATION: Enable Windows 10 ESU Year 1 (ID: 2461655)” that has been published in BigFix. It detects for:
- the minimum technical requirements for ESU (Windows 10 patched to at least November 2024)
- whether or not the ESU key has already been applied
Please use the Endpoint Management (BigFix) queue if there are any questions about the fixlet and its usage.
ISC will also make the ESU key available to the relatively few organizations at Penn that are not using BigFix for their managed Windows systems.
Reference
Microsoft's basic documentation on the Extended Security Updates (ESU) program for Windows 10