Today Microsoft released an update for Windows NT 4.0 that is being made available to all customers, even though Windows NT 4.0 support lifecycle has ended. This alert is to give your more information on why Microsoft is releasing this update.
On rare occasions when Microsoft believes that a broad range of customers are at exceptional risk, we will release an update. We've been clear that bulletins would be released after a product has reached the end of its support lifecycle, if necessary, to help protect customers if a level of awareness and malicious activity puts customers in harms way. In this case, the level of awareness and malicious activity around this issue prompted Microsoft to release an update (MS05-010) for Windows NT Server 4.0 and Windows NT Terminal Server Edition 4.0.
Microsoft has no plans to release additional security updates publicly in the future. Customers should not rely on Microsoft releasing public fixes to keep their Windows NT4 systems secure. Customers should evaluate the need for a Custom Support Agreement based on their current use of Windows NT4, current migration plans and business requirements. A full risk assessment will help customers identify Windows NT4 impact on their internal security as well as potential risk mitigation options. A Custom Support Agreement should be part of a risk mitigation plan when appropriate.
Custom Support Agreements for Windows NT 4.0 line of products are still available to customers that need them. Please contact your Technical Account Manager or Account Manager is you are interested in pursuing this option.