Microsoft announces product it doesn't want you to buy: Extended security updates for old Exchange, and Skype for Biz
Summary
Microsoft will continue to provide extended security updates for older versions of Exchange Server and Skype for Business Server, acknowledging that some customers are not yet prepared to migrate to newer products. These updates will be offered for a fee, encouraging organizations to eventually transition to supported versions.
IFF Assessment
Offering paid security updates for outdated software can create an incentive for organizations to delay critical migrations, leaving them potentially vulnerable for longer periods.
Defender Context
This announcement highlights the ongoing challenge of maintaining security for legacy systems. Defenders should be aware that even with paid support, older versions of software may still pose risks compared to modern, regularly updated platforms. Organizations still running these older versions should prioritize migration plans to reduce their attack surface.