Somewhere in your estate, the odds are good, there is a SQL Server running a version Microsoft stopped supporting years ago. It still works. It has worked the whole time. And it has not received a single security fix since support ended, which means every vulnerability found since then is a permanent, unpatched, publicly documented door into your data.
This is not about features. An old version runs your application fine. That is precisely why it survives: nothing forces the upgrade, the project that would fund it never quite gets prioritised, and an unsupported database is a slow risk, not a loud one. It does not break. It just quietly becomes less defensible every month, while attackers read the same vulnerability notes you could be reading.
The day it matters is the day a regulator, an auditor, an insurer, or an actual incident asks the simple question: is this system supported and patched? For an end-of-life database there is only one honest answer, and it is not one you want to give under pressure.
Do you know, today, every version of SQL Server you are running, and which of them are past support? Most organisations cannot answer that without going to look, and what they find when they look is rarely comforting.
We run a free, read-only health check that inventories exactly this: every instance, every version, what is supported, what is exposed, and what it would take to close the gap. The risk has been accumulating quietly. We just put a number on it before someone else does.
Want to know if this is sitting in your estate? We run a read-only check and hand you a graded report in plain English.
Get your free health check