- Some NHS devices are incompatible with Windows 11
- Manufacturers insist that they must be replaced at great cost
- Windows 10 reached end of life, security updates will no longer be patched
Hospitals in the NHS are failing to complete their full upgrade to Windows 11 due to a small number of suppliers still needing to make their devices compatible with the new operating system.
This flaw leaves the devices exposed if vulnerabilities occur as Microsoft ended support for Windows 10 back in October 2025 – meaning it will no longer fix security flaws for anyone, no matter how critical the software.
Reports from Digital health outlines the example of Rotherham NHS Foundation Trust, where around 98% of the trust’s Windows estate has been updated thanks to ‘fantastic work’ by tech teams, but the remaining 2% of devices are not compatible with the new OS.
Small percentage, big exposure
This may not seem like a large number, but hospitals are an incredibly attractive target for cybercriminals as they have many systems that can be held hostage due to the urgency of the operation – making ransom payments potentially more likely.
Director of health informatics at Rotherham NHS Foundation Trust, James Rawlinson, explains that some equipment that is only three years old now needs to be completely replaced due to the incompatibility, according to the manufacturer.
Manufacturers use the excuse of having to go through strict regulations for their software to interact with the other medical equipment – but this costs the already burdened healthcare system extra costs.
“We want them to do it, but it still leaves a bad taste in your mouth when you’ve spent £34,000 on a piece of equipment and then three years later you’re going to spend it all again because they themselves just won’t upgrade to support Windows 11,” Rawlinson told Digital health.
Any chance of disruption can also have a serious impact on the hospital, with a study tragically finding that ransomware effects contributed to a patient death – highlighting the extreme importance of ensuring every device is up-to-date.
“Historically, these medical device vendors have provided end-to-end support for their software and equipment, but then suddenly say ‘It’s nothing to do with us, it’s up to your local IT to take care of it, but don’t worry, you can buy extended support from Microsoft’. It just stinks,” adds Rawlinson.
The best protection against identity theft for all budgets
