Given the potential impact to customers and their businesses, we made the decision to make security updates available for platforms that are no longer in mainstream support (see download links in the following table). That means those customers will not have received any security updates to protect their systems from CVE-2019-0708, which is a critical remote code execution vulnerability. Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support.
