ESUs Protect Systems Past Support

• Customers should subscribe to ESUs for any unsupported Microsoft software they run.
• Systems without ESUs are vulnerable to attack and risk cutoff from e-mail and other services.
• Azure and Windows 365 customers should exploit available discounts on any ESUs they need.
• Routine, long-term use of ESUs is a sign that the organization needs more time and resources to update software, or to replace software with cloud applications.

Extended Security Update (ESU) subscriptions deliver limited security updates for software that Microsoft no longer supports. Without required ESUs, a system running unsupported software versions could become the jumping-off point for an attack, and Microsoft might cut the system off from some services. Customers pay high, increasing fees for ESUs, although some Microsoft cloud services (such as Azure VMs) offer bundled ESUs. ESUs can keep unsupported software secure while the customer migrates to supported versions or alternatives, but they do not offer any other product support, and heavy use of ESUs is a symptom of an IT governance problem.