“Any time software reaches end-of-life there is the risk of attackers discovering new vulnerabilities that will remain unpatched,” Zach Varnell, Senior AppSec Consultant at nVisium, told Threatpost. “There may even be existing vulnerabilities that are not yet publicly known. Attackers could just sit on those issues and not reveal them until after the EOL date, ensuring that they will have longer to use them.”

Read the entire article here