Microsoft Extends Support for Exchange & Skype Servers—Urgent Migration Ahead

For IT administrators and business leaders still running on-premises Exchange Server or Skype for Business servers, the coming months signal a period of both opportunity and urgency. Microsoft has announced a crucial extension in support for select versions of these workplace cornerstones, granting organizations a short-but-significant grace period as they prepare to migrate to modern, secure communication platforms. Yet, the terms are stricter than past reprieves and the risks of delay are not to be underestimated.

Microsoft’s New End-of-Support Timetable: The Essentials​

Microsoft has officially extended support for Exchange Server 2016 and 2019, as well as Skype for Business Server 2015 and 2019, synchronizing their end-of-life dates to October 14, 2025. This is the same sunset date as Windows 10—a deadline that IT teams worldwide have been eyeing with concern and preparation. To further soften the transition, the company is introducing a one-time, six-month Extended Security Update (ESU) program for these server products. This extension, running from October 14, 2025, to April 14, 2026, will provide only critical and important security patches, with no second chances or further extensions promised.
Unlike previous Windows operating system ESU plans—which sometimes offered multiple years of paid extended support—Microsoft has made it clear this is a last call: a single six-month post-support window for those who require extra time to complete their server migrations. “[This ESU] is not an extension of the support lifecycle,” Microsoft emphasizes in their official communications. Rather, it should be viewed as a temporary safeguard for organizations with complex or incomplete migrations to Exchange Subscription Edition (SE) or Skype for Business SE.

How to Obtain the ESU: Process and Pricing​

Unlike familiar Windows ESU programs, the Exchange and Skype for Business server ESUs will not be distributed via Windows Update or made available for public download. Instead, eligible customers must engage directly with Microsoft, starting August 1, to discuss purchasing options and obtain the necessary patches. This approach ensures only enrolled and vetted organizations receive the security updates, providing a controlled mechanism that reflects both the urgency and the sensitive nature of these legacy systems.
Pricing details are yet to be formally published by Microsoft, but industry expectations point to a premium cost, reflecting the exceptional nature of such support. Security experts generally consider these last-ditch ESUs as an insurance policy, not a sustainable operating strategy.

The Urgency Behind the Extension​

Historically, organizations have clung to on-premises email and communications platforms well beyond their official end-of-support timelines. The reasons are myriad: regulatory compliance, compatibility with legacy software, hesitancy over cloud migration, or the sheer complexity of moving data and services at scale. As recently as June 2025, Windows 10 users still outnumbered those on Windows 11, reflecting industry-wide inertia and prioritization challenges.
However, running unsupported server software is not merely a matter of missing out on new features—it substantially increases an organization’s vulnerability to cyberattacks. High-profile breaches have frequently targeted outdated servers, exploiting known vulnerabilities that remain unpatched after support ends. The six-month ESU is thus a lifeline, but also a stark warning: every extra day on legacy software magnifies risk exposure.

Migration Paths: Exchange Subscription Edition and Skype for Business SE​

Microsoft’s strong recommendation is for customers to migrate to Exchange Subscription Edition (SE) or Skype for Business SE before the ESU period expires. Both products represent the company's commitment to continuous service delivery (CSD), dropping traditional multi-year support cycles in favor of rolling feature and security updates.

Strengths of the Modern Editions​

• Continuous Updates: Security and feature improvements are delivered on a regular cadence, eliminating the uncertainty of ‘big bang’ upgrades and lapsed security.
• Cloud Integration: Both SE versions offer deep integration with Microsoft 365 and Azure services, allowing hybrid deployment scenarios and smoother transitions to fully cloud-based architectures.
• Compliance and Analytics: Enhanced reporting, auditing, and compliance tools support regulatory requirements and improve administrative oversight.

Known Challenges and Risks​

• Migration Complexity: Moving from older versions often involves significant preparation and upgrades to both hardware and software environments. Blocking issues such as custom integrations, third-party archiving solutions, and unique directory dependencies are common.
• Cost and Licensing: The Subscription Edition model—while delivering continuous value—can result in higher long-term costs compared to the perpetual licensing of legacy servers.
• Training and Change Management: IT staff and end-users both face adjustment periods, with new management paradigms and UI differences to absorb.

Critical Analysis: Pros, Cons, and Strategic Implications​

Major Strengths​

• Security-First Approach: By providing a short ESU window, Microsoft demonstrates commitment to its business customers without enabling long-term complacency.
• Clear Communication: The consistent messaging surrounding the finality of this support means organizations are unlikely to be caught off-guard by surprise extensions or changes—lessen the risk of “scope creep” in upgrade planning.
• Alignment Across Products: Synchronizing end-of-support dates for Exchange, Skype for Business, and Windows 10 enables coordinated, organization-wide planning for migrations and upgrades.

Areas of Concern​

• Six Months Is Not Enough for All: Large enterprises, especially those in highly regulated industries, may find the window insufficient. The “one more extension” pattern, seen elsewhere in the industry, will not be repeated for these products.
• No Public Update Distribution: Restricting ESU availability to direct negotiation with Microsoft may disadvantage smaller businesses or those without dedicated licensing expertise.
• Opaque Pricing: With costs undisclosed until shortly before the ESU offer opens, budgeting and approval processes may become bottlenecks for some organizations.

Security Risks and Long-Term Dangers​

By its nature, the ESU program is a stopgap measure. Once the final extension lapses in April 2026, servers running Exchange 2016/2019 or Skype for Business 2015/2019 with no further security updates will quickly become high-value targets for cybercriminals. Recent ransomware campaigns have proven that even short delays in patching known vulnerabilities can be catastrophic, leading to data exfiltration, business disruption, and regulatory penalties.
Organizations relying on unsupported software after the deadline are taking significant risks, not least in the areas of compliance (e.g., GDPR, HIPAA), where use of end-of-life products can constitute a breach of legal obligations regarding data security.

Real-World Impact: Who Is Most Affected?​

Although Microsoft has not revealed how many organizations continue to rely on legacy Exchange and Skype for Business infrastructure, industry analysts estimate there are still tens of thousands of businesses running these systems worldwide. Sectors such as healthcare, legal, government, and finance are typically overrepresented, given their unique regulatory and data sovereignty requirements.
For IT consultancies and managed service providers, this transition period offers both risk and reward. On one hand, slow-moving clients may find themselves scrambling for skilled migration partners; on the other, those vendors who can offer seamless, compliant upgrades will find themselves in demand.

Expert Recommendations: What Should IT Teams Do Now?​

• Audit Existing Environments: Inventory all server deployments and dependencies related to Exchange and Skype for Business. Understand what versions are running and if other systems rely on these servers.
• Engage with Microsoft Promptly: For those unable to complete migrations before October 2025, start discussions with Microsoft immediately (from August 1) regarding ESU eligibility, pricing, and subscription terms.
• Accelerate Migration Plans: Where possible, accelerate the move to Exchange Subscription Edition or Skype for Business SE. Consider leveraging hybrid modes to streamline the transition and test new features without an all-at-once migratory leap.
• Educate Leadership and Staff: Ensure organizational buy-in by communicating both the security dangers of unsupported systems and the business advantages of modern platforms.
• Double Down on Security: Until migration is complete, tighten perimeter defenses, ensure regular backups, monitor for abnormal activity, and test disaster recovery plans.
• Review Licensing and Budget: Prepare for the financial implications of ESUs and eventual subscription licensing, working these costs into IT budgets well ahead of deadlines.

Frequently Asked Questions​

Will Microsoft extend support again after April 2026?​

No further extensions or ESU programs are planned. Microsoft’s communications have been unequivocal: April 14, 2026, is the firm cutoff.

Can ESUs be obtained for servers running outside of standard configurations or without an active Software Assurance agreement?​

Details are subject to Microsoft’s eligibility rules, but generally, ESUs require that servers are in supported configurations and have active support agreements. Exceptions, if any, will be directly negotiated.

Are there alternatives for organizations unable or unwilling to migrate to Subscription Editions?​

Hybrid solutions, cloud migration to Microsoft 365 (Exchange Online/Teams), or, in rare cases, third-party migration tools may offer alternatives, but each comes with its own risk profile and costs.

What’s Next For Enterprise Communication Platforms?​

Microsoft’s phased, security-first approach to legacy server products is emblematic of broader industry trends. Cloud-centric or hybrid architectures are now the de facto standard, offering not just rapid feature delivery, but also the ability to respond quickly to emerging threats. For those clinging to legacy infrastructure, the writing is on the wall: transformation is not just inevitable—it is urgent.
Competitors such as Google Workspace and Zoom have raised the bar for workplace communications and collaboration, setting new standards for security, scalability, and administrative control. Microsoft’s Subscription Editions are a direct response to these market pressures, seeking to retain existing customers with a bridge between on-premises familiarity and cloud-powered capabilities.

Conclusion: A Final Countdown​

Microsoft’s last-ditch ESU for Exchange Server and Skype for Business is both a reprieve and a stern warning. The temporary extension offers a brief window in which to complete migrations, with the knowledge that further extensions will not be forthcoming. Organizations should seize this opportunity to modernize their communication infrastructure, embrace the enhanced security and features of Subscription Editions, and reestablish compliance in an era of constant cyber threats.
Delay, at this point, is an increasingly costly and risky proposition. The message is clear: secure your migration plan today, or prepare for escalating exposure on unsupported, outdated servers tomorrow.

---

Source: TechRadar Microsoft extends support for Exchange, Skype business servers - here's how to keep access