Plan for end-of-support software and software versions

Applies to:

End-of-support (EOS), otherwise known as end-of-life (EOL), for software or software versions means that they'll no longer be supported or serviced, and won't receive security updates. When you use software or software versions with ended support, you're exposing your organization to security vulnerabilities, legal, and financial risks.

It's crucial for Security and IT Administrators to work together and ensure that the organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. They should examine the options to remove or replace apps that have reached end-of-support and update versions that are no longer supported. It's best to create and implement a plan before the end of support dates.

Note

End-of-support capability is currently available only for Windows products.

Tip

Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to sign up for a free trial.

Find software or software versions that are no longer supported

  1. From the vulnerability management menu, navigate to Recommendations.
  2. Go to the Filters panel and look for the tags section. Select one or more of the EOS tag options. Then Apply.

tags that say EOS software, EOS versions, and Upcoming EOS versions.

  1. You see a list of recommendations related to software with ended support, software versions that are end of support, or versions with upcoming end of support. These tags are also visible in the software inventory page. Tags for versions with upcoming end of support displays up to six months in advance.

image of recommendations with EOS tag.

List of versions and dates

To view a list of versions that have reached end of support, or end or support soon, and those dates, follow the below steps:

  1. A message appears in the security recommendation flyout for software with versions that have reached end of support, or will reach end of support soon.

image of version distribution link.

  1. Select the version distribution link to go to the software drill-down page. There, you can see a filtered list of versions with tags identifying them as end of support, or upcoming end of support.

image of software drilldown page with end of support software.

  1. Select one of the versions in the table to open. For example, version 10.0.18362.1. A flyout appears with the end of support date.

image of end of support date.

Once you identify which software and software versions are vulnerable due to their end-of-support status, you must decide whether to update or remove them from your organization. Doing so lowers your organizations exposure to vulnerabilities and advanced persistent threats.