%20(1)%20(1).png?width=309&height=69&name=image-001%20(2)%20(1)%20(1).png "periculo")
IASME Security Update (Cyber Essentials)
This page summarises the key operating system (OS) and end-user device (EUD) support updates highlighted in the latest IASME webinar. These updates are particularly important for maintaining Cyber Essentials and Cyber Essentials Plus compliance, as running unsupported software is a common cause of certification failure.
Windows Updates
-
Windows 10 22H2 (All Editions)
-
End of Life (EOL): 14 October 2025
-
After this date, all Windows 10 22H2 devices will require extended support agreements to remain compliant.
-
Cyber Essentials impact: Devices without extended support will be deemed unsupported and non-compliant.
-
Action: Begin upgrade planning or ensure extended support is in place.
-
-
Windows 11 23H2 (Home, Pro editions)
-
End of Life (EOL): 11 November 2025
-
After this date, extended support confirmation is required for Cyber Essentials compliance.
-
Action: Upgrade to newer Windows 11 builds (e.g., 24H2) before expiry.
-
Apple macOS Updates
IASME considers the following macOS versions as supported:
-
Tahoe 26
-
Sequoia 15.7
-
Sonoma 14.8
Cyber Essentials impact: Running these supported versions ensures compliance. Devices on older macOS releases (e.g., Monterey or earlier) must be updated or decommissioned.
Mobile Devices
Apple iOS / iPadOS
Currently supported versions under Cyber Essentials:
-
iOS / iPadOS 26
-
iOS / iPadOS 18.7
-
iPadOS 17.7.10
-
iOS / iPadOS 16.7.12
Note: iOS 17 is not considered supported since no updates have been released in almost a year.
Cyber Essentials impact: Devices running iOS 17 will be marked non-compliant.
Android
Supported versions are:
-
Android 16
-
Android 15
-
Android 14
-
Android 13
Cyber Essentials impact: Devices running below Android 13 are considered unsupported and will cause compliance failures.
Key Takeaways for Cyber Essentials
-
Unsupported OS = Automatic Non-Compliance
Devices running operating systems beyond their vendor support window are not permitted under Cyber Essentials. -
Extended Support Must Be Proven
If using extended support (e.g., for Windows 10 22H2), organisations must be able to evidence coverage during Cyber Essentials audits. -
Mobile Device Management
Regular checks are essential to ensure all iOS/iPadOS and Android devices are on supported versions. -
Audit and Decommissioning
Unsupported systems should be upgraded, replaced, or fully removed from scope to maintain certification.
Recommended Actions (for Cyber Essentials compliance)
-
Audit your EUD estate (Windows, macOS, iOS/iPadOS, Android).
-
Identify any devices approaching EOL.
-
Put plans in place for upgrades or confirm extended support.
-
Remove or replace devices that cannot be updated.
-
Keep evidence of support status (vendor links, extended support contracts) ready for your Cyber Essentials assessor.
