CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Microsoft Exchange 2016 and 2019 reach end of support on October 14, 2025

First reported
Last updated
1 unique sources, 2 articles

Summary

Hide ▲

Microsoft Exchange Server 2016 and 2019 have reached the end of extended support on October 14, 2025. After this date, Microsoft will no longer provide technical support, bug fixes, time zone updates, or security patches for these versions. Administrators are urged to migrate to Exchange Online or upgrade to Exchange Server Subscription Edition (SE) to maintain support and security. Exchange 2016 and 2019 will continue to operate after October 14, 2025, but running these versions will expose organizations to potential security risks. Microsoft reminded administrators in January and September 2025 that Exchange Server 2016 and 2019 would reach the end of support in October 2025.

Timeline

  1. 15.09.2025 20:04 2 articles · 1mo ago

    Microsoft Exchange 2016 and 2019 reach end of support on October 14, 2025

    Microsoft has confirmed that Exchange Server 2016 and 2019 have reached the end of extended support on October 14, 2025. The company reminded administrators in January and September 2025 that these versions would reach the end of support. After this date, Microsoft will cease providing technical support, bug fixes, time zone updates, and security patches for these versions. Administrators are advised to migrate to Exchange Online or upgrade to Exchange Server Subscription Edition (SE) to maintain support and security. Administrators are advised that continuing to use these outdated versions after the end-of-support date invites potential security risks.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Microsoft to provide free Windows 10 security updates in EEA

Microsoft will offer free extended security updates for Windows 10 in the European Economic Area (EEA). The decision follows pressure from Euroconsumers, a consumer protection organization, and aims to ensure compliance with the Digital Markets Act (DMA). The updates will be available without requiring users to back up settings, apps, or credentials, or use Microsoft Rewards. Windows 10 support is set to end on October 14, 2025.

Open in new tab

End of Support for Microsoft Office 2016 and Office 2019

Microsoft Office 2016 and Office 2019 will reach the end of extended support on October 14, 2025. This means no further updates, security fixes, or technical support will be available for these versions. Organizations and individuals using these versions are advised to upgrade to avoid security, compliance, and performance issues.

Open in new tab

Microsoft to end support for Windows 10 on October 14, 2025

Microsoft has ended support for Windows 10 on October 14, 2025. This includes all editions of Windows 10 2015 LTSB and Windows 10 IoT Enterprise LTSB 2015. After this date, no further security updates, bug fixes, or technical assistance will be provided. Users must upgrade to Windows 11 or enroll in the Extended Security Updates (ESU) program to continue receiving support. A significant proportion of individual users and organizations still run the Windows 10 operating system, raising significant cybersecurity concerns. Over 40% of global endpoints still run Windows 10, and 26% of UK Windows 10 users do not plan to upgrade. The UK's National Cyber Security Centre (NCSC) has urged customers to upgrade before October 11, 2025, highlighting past exploits of unpatched legacy systems. Experts warn of increased targeting of Windows 10 flaws post end-of-life date. The end of support affects Windows 10 Home, Pro, Enterprise, Education, and IoT Enterprise editions. Microsoft advises users to migrate to Windows 11 or use the ESU program, which offers one year of extended support for a fee. Alternatively, users can switch to Long-Term Servicing Channel (LTSC) releases for specialized devices. Microsoft will allow individual customers in the European Economic Area (EEA) to enroll in the ESU program for free if they use a Microsoft account to enroll and log in to Windows.

Open in new tab

Microsoft September 2025 Patch Tuesday addresses 81 vulnerabilities, including two zero-days

Microsoft's September 2025 Patch Tuesday addresses 80 vulnerabilities, including 13 critical vulnerabilities. The updates fix a range of issues, including privilege escalation, remote code execution, information disclosure, and denial-of-service vulnerabilities. The patches also cover a critical flaw in Azure Networking and address a new lateral movement technique dubbed BitLockMove. Additionally, security updates have been released by multiple vendors, including Adobe, Cisco, Google, and others. The September 2025 update includes 38 elevation of privilege (EoP) vulnerabilities. The two zero-day vulnerabilities are CVE-2025-55234 in Windows SMB Server and CVE-2024-21907 in Microsoft SQL Server. The SMB vulnerability is exploited through relay attacks, while the SQL Server flaw involves improper handling of exceptional conditions in Newtonsoft.Json. The updates also include hardening features for SMB Server to mitigate relay attacks, with recommendations for administrators to enable auditing to assess compatibility issues. The KB5065429 cumulative update for Windows 10 22H2 and 21H2 includes fourteen fixes or changes, addressing unexpected UAC prompts and severe lag and stuttering issues with NDI streaming software. The update enables auditing SMB client compatibility for SMB Server signing and SMB Server EPA, and includes an opt-in feature for administrators to allow outbound network traffic from Windows 10 devices. The September 2025 update includes 38 elevation of privilege (EoP) vulnerabilities. CVE-2025-55234 is an elevation of privilege vulnerability with a CVSS score of 8.8. CVE-2025-54918 in Windows NT LAN Manager (NTLM) is marked as critical and has a CVSS score of 8.8. CVE-2025-54111 and CVE-2025-54913 are EoP vulnerabilities in Windows UI XAML. CVE-2025-55232 in the Microsoft High Performance Compute (HPC) Pack has a CVSS score of 9.8. CVE-2025-54916 in Windows NTFS has a CVSS score of 7.8 and can be exploited through SMB or local parsing routines. Microsoft has released the final non-security preview update for Windows 10, version 22H2, which includes fixes for the out-of-box experience and SMBv1 protocol connectivity. The update improves the servicing stack, updating Windows 10 22H2 systems to build 19045.6396. The update includes fixes and quality improvements from the KB5065429 cumulative update, enabling support for IT administrators to deploy hardening measures for SMB. The update addresses an issue causing non-admin users to receive unexpected User Account Control (UAC) prompts and fixes delays or uneven audio and video performance issues with Network Device Interface (NDI) streaming. Microsoft will stop providing security updates for Windows 10 after October 14, 2025, and the Extended Security Updates (ESU) program is available for Windows 10 users to delay the switch to Windows 11. Individual customers in the European Economic Area (EEA) can enroll in the ESU program for free.

Open in new tab