End of Support for Microsoft Office 2016 and Office 2019
Summary
Hide ▲
Show ▼
Microsoft Office 2016 and Office 2019 will reach the end of extended support on October 14, 2025. This means no further updates, security fixes, or technical support will be available for these versions. Organizations and individuals using these versions are advised to upgrade to avoid security, compliance, and performance issues.
Timeline
-
17.09.2025 17:57 1 articles · 12d ago
Microsoft Office 2016 and Office 2019 reach end of support
Office 2016 and Office 2019 will no longer receive updates, security fixes, or technical support after October 14, 2025. Users are advised to migrate to Microsoft 365 Apps or standalone versions like Office 2024 and Office LTSC 2024 to avoid security and compliance risks.
Show sources
- Microsoft: Office 2016 and Office 2019 reach end of support next month — www.bleepingcomputer.com — 17.09.2025 17:57
Information Snippets
-
Office 2016 reached the end of mainstream support in October 2020.
First reported: 17.09.2025 17:571 source, 1 articleShow sources
- Microsoft: Office 2016 and Office 2019 reach end of support next month — www.bleepingcomputer.com — 17.09.2025 17:57
-
Office 2019 reached the end of mainstream support in October 2023.
First reported: 17.09.2025 17:571 source, 1 articleShow sources
- Microsoft: Office 2016 and Office 2019 reach end of support next month — www.bleepingcomputer.com — 17.09.2025 17:57
-
Microsoft 365 Apps is the recommended upgrade path for users of Office 2016 and 2019.
First reported: 17.09.2025 17:571 source, 1 articleShow sources
- Microsoft: Office 2016 and Office 2019 reach end of support next month — www.bleepingcomputer.com — 17.09.2025 17:57
-
Office 2024 and Office LTSC 2024 are available as standalone alternatives.
First reported: 17.09.2025 17:571 source, 1 articleShow sources
- Microsoft: Office 2016 and Office 2019 reach end of support next month — www.bleepingcomputer.com — 17.09.2025 17:57
-
Office 2024 and Office LTSC 2024 will receive support until October 9, 2029.
First reported: 17.09.2025 17:571 source, 1 articleShow sources
- Microsoft: Office 2016 and Office 2019 reach end of support next month — www.bleepingcomputer.com — 17.09.2025 17:57
Similar Happenings
SonicWall MySonicWall Breach Exposes Firewall Configuration Files
SonicWall has released a firmware update to remove rootkit malware from SMA 100 series devices, following a breach that exposed firewall configuration backup files. The breach, caused by brute-force attacks, affected less than 5% of customers and may have exposed sensitive information. SonicWall has advised customers to reset credentials and update secrets. Additionally, the Akira ransomware group has been targeting unpatched SonicWall devices, exploiting a year-old security flaw (CVE-2024-40766) and bypassing MFA on VPN accounts using previously stolen OTP seeds. There is no evidence that threat actors have leveraged exposed data against impacted customers in attacks at this time. In September 2025, SonicWall disclosed a security breach affecting MySonicWall accounts, resulting in the exposure of firewall configuration backup files for less than 5% of its customers. The breach, caused by a series of brute-force attacks, could facilitate easier exploitation of SonicWall firewalls by threat actors. SonicWall has advised customers to reset credentials, update secrets, and follow detailed guidance to mitigate potential risks. The company has cut off attackers' access and is collaborating with cybersecurity and law enforcement agencies. The exposed files may contain sensitive information, such as credentials and tokens, for services running on SonicWall devices. Additionally, the Akira ransomware group has been targeting unpatched SonicWall devices, exploiting a year-old security flaw (CVE-2024-40766) and bypassing MFA on VPN accounts using previously stolen OTP seeds. SonicWall confirmed that attackers accessed the API service for cloud backup and there is no evidence that threat actors have leveraged exposed data against impacted customers in attacks at this time. The threat actor UNC6148 has been deploying the OVERSTEP malware, a previously unknown persistent backdoor/user-mode rootkit, to maintain persistent access, steal sensitive credentials, and conceal its own components. The malware modifies the appliance's boot process to evade detection and hide files and activity. UNC6148 may have used an unknown zero-day remote code execution vulnerability to deploy OVERSTEP on SonicWall SMA appliances. Potential vulnerabilities exploited by UNC6148 include CVE-2021-20038, CVE-2024-38475, CVE-2021-20035, CVE-2021-20039, and CVE-2025-32819. SonicWall has advised customers to look for signs of compromise, such as gaps or deletions in SMA logs, unexpected appliance reboots, persistent admin sessions, unauthorized configuration changes, and reoccurring access following patching or resets. CISA recommends upgrading firmware, replacing and rebuilding SMA 500v, resetting OTP bindings, enforcing MFA, resetting passwords, and replacing certificates with private keys stored on the appliance.
Microsoft September 2025 Patch Tuesday addresses 81 vulnerabilities, including two zero-days
Microsoft's September 2025 Patch Tuesday addresses 80 vulnerabilities, including one publicly disclosed flaw and eight critical vulnerabilities. The updates fix a range of issues, including privilege escalation, remote code execution, information disclosure, and denial-of-service vulnerabilities. The patches also cover a critical flaw in Azure Networking and address a new lateral movement technique dubbed BitLockMove. Additionally, security updates have been released by multiple vendors, including Adobe, Cisco, Google, and others. The September 2025 update includes 38 elevation of privilege (EoP) vulnerabilities. The two zero-day vulnerabilities are CVE-2025-55234 in Windows SMB Server and CVE-2024-21907 in Microsoft SQL Server. The SMB vulnerability is exploited through relay attacks, while the SQL Server flaw involves improper handling of exceptional conditions in Newtonsoft.Json. The updates also include hardening features for SMB Server to mitigate relay attacks, with recommendations for administrators to enable auditing to assess compatibility issues. The KB5065429 cumulative update for Windows 10 22H2 and 21H2 includes fourteen fixes or changes, addressing unexpected UAC prompts and severe lag and stuttering issues with NDI streaming software. The update enables auditing SMB client compatibility for SMB Server signing and SMB Server EPA, and includes an opt-in feature for administrators to allow outbound network traffic from Windows 10 devices. The September 2025 update includes 38 elevation of privilege (EoP) vulnerabilities. CVE-2025-55234 is an elevation of privilege vulnerability with a CVSS score of 8.8. CVE-2025-54918 in Windows NT LAN Manager (NTLM) is marked as critical and has a CVSS score of 8.8. CVE-2025-54111 and CVE-2025-54913 are EoP vulnerabilities in Windows UI XAML. CVE-2025-55232 in the Microsoft High Performance Compute (HPC) Pack has a CVSS score of 9.8. CVE-2025-54916 in Windows NTFS has a CVSS score of 7.8 and can be exploited through SMB or local parsing routines. Microsoft has released the final non-security preview update for Windows 10, version 22H2, which includes fixes for the out-of-box experience and SMBv1 protocol connectivity. The update improves the servicing stack, updating Windows 10 22H2 systems to build 19045.6396. The update includes fixes and quality improvements from the KB5065429 cumulative update, enabling support for IT administrators to deploy hardening measures for SMB. The update addresses an issue causing non-admin users to receive unexpected User Account Control (UAC) prompts and fixes delays or uneven audio and video performance issues with Network Device Interface (NDI) streaming. Microsoft will stop providing security updates for Windows 10 after October 14, 2025, and the Extended Security Updates (ESU) program is available for Windows 10 users to delay the switch to Windows 11. Individual customers in the European Economic Area (EEA) can enroll in the ESU program for free.