Microsoft Tweaks Support Lifecycle

Microsoft Corp. today announced that it is slightly modifying its support lifecycle to provide what it calls “more predictability” for customers.

The change was driven by the end of support for Exchange Server 5.5. That occurred on the stroke of midnight on Dec. 31, 2005. But this is the first “Patch Tuesday” of the new year and, despite the end of support 10 days ago, Microsoft released a security bulletin and patch for a critical vulnerability in the aging e-mail server.

So from now on, product support periods, which traditionally end at quarterly cut-off dates, will be extended to the date of the next regular security update for that product.

“Microsoft is changing [the support lifecycle] by matching the date the product-support lifecycle ends with the regular, monthly security update release cycle,” Microsoft officials said in a statement. “Effective today, Microsoft is changing that by matching the date the product-support lifecycle ends with the regular, monthly security update release cycle,” the statement continues.

Though small, the 10-to-15-day gap could confuse customers.

Microsoft standardized its product support lifecycle beginning in 2002. The company provides five years of mainstream support for most products. That is followed by two years of extended support -- read “paid” support. In 2004, however, Microsoft lengthened the period for extended support to five years.

The patch for the critical Exchange 5.5 hole is available here. The remote execution flaw also affects some versions of Microsoft Office and Microsoft Outlook.

The Exchange patch was one of two posted Tuesday. Microsoft also released a patch for a critical remote execution flaw in Windows, available here.

About the Author

Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.


  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • After High-Profile Attacks, Biden Calls for Better Software Security

    Recent high-profile security attacks have prompted the Biden administration to issue an executive order aiming to tighten software security practices across the board.

  • With Hybrid Networks on Rise, Microsoft Touts Zero Trust Security

    Hybrid networks, which combine use of cloud services with on-premises software, require a "zero trust" security approach, Microsoft said this week.

  • Feds Advise Orgs on How To Block Ransomware Amid Colonial Pipeline Attack

    A recent ransomware attack on a U.S. fuel pipeline company has put a spotlight on how "critical infrastructure" organizations can prevent similar attacks.