In June 2025, manufacturers received a crucial reminder: Windows 10 is nearing end-of-support, and plant-floor systems running it need urgent attention. Between high-profile vendor announcements and critical ICS advisories, the message was clear—industrial operations built on aging OS foundations are increasingly at risk.
🔍 What Broke in June
The spotlight landed on Beckhoff, whose TwinCAT automation software remains widely used on Windows platforms, including Windows 10 and 11. In a Food Engineering interview, Beckhoff confirmed the company will continue supporting Windows 10—including stable LTSC releases—through 2027 but strongly recommended customers adopt “frequent updates … to keep systems secure” or consider alternatives like Linux-based TwinCAT/BSD if their vendors don’t match that pace (Food Engineering).
Just days later, on June 24, CISA released eight Industrial Control Systems alerts—one of which, ICSA-25-175-03, involved Schneider Electric Modicon PLCs with a high-severity (CVSS 7.1) code-execution flaw. These devices commonly run on Windows 10-connected systems. CISA warned these vulnerabilities were exploitable remotely and urged immediate patching or network segmentation (CISA).
⚠️ Why It Matters
The convergence of Windows 10’s sunset and critical ICS vulnerabilities threatens two fronts:
Security Risks from Obsolete OS
As Windows 10 nears its October 14, 2025 end-of-support date, factory PCs and HMI panels will no longer receive updates—leaving known weaknesses unpatched and exploitable.Vendor-Embedded Vulnerabilities
Companies like Schneider Electric and Beckhoff rely heavily on Windows 10 in their automation stacks. That OS dependency makes widespread ICS threats like Modicon’s remote RCE vulnerabilities particularly dangerous if remediation is delayed.Operational Disruption & Compliance Exposure
Unpatched systems could lead to production stoppages and compliance gaps—especially around regulations like NIST and ISA/IEC 62443, which mandate secure and updated OT environments.
🧭 What Manufacturers Should Do
First, plant-floor IT teams need to inventory every Windows 10 instance—whether standalone IPCs, HMI terminals, or virtual machines. Determine which systems are eligible for upgrades to Windows 11 IoT, which should migrate to LTSC, and which may benefit from Linux alternatives.
Next, patch management becomes mission-critical. Follow CISA’s guidance for Schneider Modicon PLCs: update firmware to the fixed versions in June 2025 advisories or immediately enforce network segmentation around impacted devices to isolate risk (CISA).
Work closely with automation vendors to align OS lifecycle plans. Beckhoff emphasizes frequent software release cycles; if your vendor doesn’t support regular updates, consider migrating to Linux-based runtimes like TwinCAT/BSD or real-time Linux stacks, which offer long-term security and flexibility (Food Engineering).
Finally, build this work into your broader OT hardening program—combine patch rollout, vendor alignment, segmentation, and lifecycle planning into a quarterly or annual roadmap, ensuring October 2025 doesn’t arrive with forgotten systems.
🧠 Final Thought
June’s events delivered a wake-up call: plant-floor cybersecurity hinges on the OS beneath the control applications. With Windows 10’s clock ticking and ICS vulnerabilities live in the wild, manufacturing operations only have a few critical months to act. Proactive patching, vendor coordination, and OS modernization are not optional—they’re essential to prevent downtime, breach risk, and compliance failure.