End-of-life issues arise when assets are no longer supported. Vendors commit to sending regular updates to fix security flaws until the promised period ends – after that, organizations can continue using the version, but there will be no further fixes for vulnerabilities or performance issues. So when companies adopt servers or software, they must also factor in an eventual transition period.
Occasionally, vendors will provide post-end-of-life security updates, as Microsoft did for Wannacry. These are rare but very urgent, and generally signal scenarios where millions of devices are at risk of major catastrophe. Never count on getting post-end-of -life security updates, but if you do receive one, take it very seriously.Brandon WelchBrandon Welch