InfoSecBulletin Cybersecurity for mankind
Organizations are reminded that three Windows versions released in 2016 are about to lose support. After the last monthly security update, they won’t receive security patches, bug fixes, non-security updates, support, or updated documentation anymore.
End Support for Legacy Windows Versions:
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
For defenders, the key issue is the accumulation of risk after patching ends. Systems on outdated versions after the final Patch Tuesday will become non-compliant and more vulnerable to attacks as new security flaws emerge.
Microsoft notes that “LTSB” is the older name for today’s “LTSC” channel, designed for special-purpose devices; the naming shows up differently across documentation, but the lifecycle dates are what matter.
Microsoft advises upgrading instead of relying on extended coverage as a long-term solution. For servers, the recommended upgrade is to Windows Server 2025.
If timelines do not allow a full migration, Microsoft points to the Extended Security Updates (ESU) program as a temporary bridge for up to three years after the end-of-support date.
ESU provides only “critical” and “important” security updates (per Microsoft’s severity ratings) and offers limited technical support focused on ESU activation, update installation, and issues caused by updates.
ESU does not include new features, quality upgrades, design changes, or complete product support restoration. Microsoft will offer ESU for Windows 10 Enterprise 2016 LTSB through Volume Licensing or a Cloud Solution Provider in Q2 2026.
Priced at USD per device for the first year, with a discounted rate for systems managed by Intune or Windows Autopatch.
Microsoft warned that ESU pricing doubles every year for up to three years and accumulates, so enrolling in the second year requires payment for the first year as well. ESU for Windows 10 IoT Enterprise 2016 LTSB is available only through IoT OEMs.
