0Patch promises to provide security updates for out-of-support Office 2010
Support for Microsoft Office 2010 ended in October 2020. Microsoft released a last batch of security updates for Office 2010 on the October 13, 2020 Patch Day before it changed the status of the application to unsupported.
Not all Office 2010 customers will stop using the software program, and it is possible that Office 2010 vulnerabilities will be detected in the future that could leave the systems open to attacks targeting unpatched vulnerabilities.
Microsoft does not offer an Extended Security Updates (ESU) for Office 2010 that extends support for Enterprise and business customers. Windows 7 customers could extend support by up to three years after support ended on January 14, 2020.
0Patch, a security company that has created a micro-patching solution, has pledged to deliver security updates for Microsoft Office 2010 after support end similarly to it releasing security updates for Windows 7 and Server 2008 R2 systems after support ended.
The company plans to offer the service to paying customers only; this is different from the Windows 7 micropatches that it pledged to create as some of these were published without charge to free users. The FAQ reveals that specific patches may be released for free, e.g. to "help slow down a global worm outbreak".
The requirements for receiving post End of Service updates for Office 2010 are:
- A fully patched Office 2010 installation.
- Installation of 0Patch Agent on devices running Office 2010 and registration of the Agent with the 0Patch account.
- 0Patch Pro or 0Patch Enterprise licenses. (a Pro license starts at €22.95 + tax per computer and year, and it is available to Home users as well).
- Allow the Office 2010 device to connect to the 0Patch server.
0Patch plans to support Office 2010 until October 2021 in the beginning, but it may extend support if there is enough customer interest.
The company uses several sources to determine whether Office 2010 is affected by a vulnerability. From checking if newly discovered vulnerabilities for in-support versions of Office affect Office 2010 to collecting vulnerability information from the security community, public sources, and its partners. Not all security issues will be patched, as vulnerabilities need to have a high risk associated with them in the company's assessment to warrant the creation of micropatches.
Home users may use the service but it is certainly of more interest to companies and Enterprise customers who still have Office 2010 installations on company hardware. Extension of security updates may help extend the migration period to a new version of Office or another Office solution.
Now You: do you use Microsoft Office? If so which version?Advertisement