This is quite a surprise as XP has been off support for over three years now. In effort to thwart "potential nation-state activity", the software giant issued new patches and explains they made this decision due to an elevated risk of "destructive cyberattacks".
But oddly enough, the patches will NOT be installed automatically on unsupported versions of Windows. Users will need to download these critical security updates via the Microsoft Download Center or the Update Catalog.
Microsoft also warns once more that users must update to supported versions of Windows to ensure they continue to receive security updates.
In a separate blog post, Eric Doerr, General Manager of the Microsoft Security Response Center noted that these additional critical security updates "address vulnerabilities that are at [heightened] risk of exploitation due to past nation-state activity and disclosures."
Doerr cautioned customers running unsupported platforms not to expect similar patches in the future:
Our decision today to release these security updates for platforms not in extended support should not be viewed as a departure from our standard servicing policies. Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly. As always, we recommend customers upgrade to the latest platforms. The best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations. Older systems, even if fully up-to-date, lack the latest security features and advancements.