Windows Server 2012 End-of-Life Risks, Options, and Next Steps

By: Alejandro Vazquez | January 18, 2023

In October 2023, Windows Server 2012/2012 R2 will reach the end of extended support – leaving your infrastructure and applications at risk. (SQL Server 2012 extended support has already expired as of July 2022.)

Free Download: The Ultimate Guide to Windows Server on Azure

To avoid potential security breaches and falling out of compliance with industry regulations, this is the ideal time to start planning how to mitigate the risks by migrating your workloads to newer and supported versions – or consider alternative options to allow you more time to properly address the supportability concerns.

In this blog we will cover the business implications of Windows Server 2012/2012 R2 reaching end-of-life, the benefits and considerations of migrating or upgrading, and your options for determining your best path forward to achieve your business goals.

Quick Links:

Business Implications

When we meet with organizations facing end-of-life support scenarios, many implications arise. If they are out of support, then how will they meet their compliance requirements? How will they ensure they have reliable support to ensure uptime and mitigate risk exposure? What do they do if they’re compromised? All implications are worth considering, and we break them down below.

1. Compliance

If your organization maintains compliance with PCI, HIPAA, or any other compliance agencies, then all application and infrastructure workloads must maintain a vendor supported state. For operating systems such as when Window Server support ends, you automatically become noncompliant if you have unsupported workloads in your environment or are running applications that are no longer in scope for compliance regulations. If you’re running end-of-life workloads, your insurance premiums increase – along with your exposure to a security attack.

2. Loss of Supportability / Delays in Case of Event

When support ends for Windows Server 2012 in October 2023, organizations will lose supportability in the event of an issue or security threat. Without a reliable vendor to provide support, organizations will be vulnerable to disruption (or worse). If that happens, you won’t be able to call someone to get immediate help. Instead, you would have to get a quote and then pay an invoice before you can get help. There’s a significant delay in the case of an event.

3. Targeted Attacks and Increased Risk of Exposure

Bad actors are waiting with their fingers on the trigger for software to go out of life. If you wait until the last minute to migrate or upgrade your end-of-life software, then you may not have a secure solution in place by the time support ends. Not protecting your organization can lead to loss of revenue, loss of reputation, and targeted attack exposure risk.

Loss of Revenue

If your systems aren’t operating correctly and you’re in a time-sensitive industry, then any downtime caused by either loss of features, loss of support, or an attack could lead to revenue loss.

Loss of Reputation

Your reputation is also impacted because many security attacks hit the news. Clients become wary of organizations who aren’t savvy enough to protect themselves or their clients’ data from exposure.

4. Inability to Take Advantage of Newer Features and Functionality

Every new version of Windows introduces newer capabilities that improve the functionality and user experience. Therefore, being able to remain current allows you to take advantage of such improvements faster and sooner – improving your level of service to your organization.

Windows Server 2012 / R2 End-of-Life Options

Now that you know why you should migrate or upgrade before your software support ends, it’s time to consider your options. You have to evaluate both the short-term and long-term implications to deal with aging operating systems. In the long run, the goal is to implement a lifecycle management strategy to address aging Operating System Environment (OSE)[1] instances. To help you understand what you need to consider, we created a checklist of options for you that we explain in detail below.

 In the Datacenter   Move to the Cloud
In-Place Upgrade of OSE VersionVM Migration to Azure
Migrate Workload to Newer OSEVM Migration to VMware on Azure
VM Platform Migration to Azure Stack HCIVM Migration to Nutanix on Azure
Pay for Extended Security UpdatesIf Database, Migration to Azure PaaS
Isolate WorkloadApplication Refactor

Datacenter Options: Benefits and Considerations

In-Place Upgrade OSE Version

If you’re looking to optimize your datacenter, you know that your datacenter is not going away. You still have on-premises infrastructure that you’re supporting. So how do you account for Server 2012 going out of life in your environment? You could do an in-place upgrade. We don’t recommend it because it tends to introduce more risk than is often necessary, but there may be times where this may make sense – especially with lighter workloads. Just ensure you have backups and VM snapshots ready.

Migrate Workload to Newer OSE

Usually, the preferred option is to migrate the workload to a newer operating system. That’s a parallel side-by-side move of the application, whether it’s a reinstall or you’re just migrating data between them. It’s a viable and proven approach. Unfortunately, this process tends to be lengthy, especially with multi-tiered applications with complex SLAs, downtime restrictions, and inter-dependencies with other systems (both known and unknown). Due to the length of time needed to complete numerous upgrades, you may need to seek alternate methods to migrate your workloads to a supportable configuration.

VM Platform Migration to Azure Stack HCI

For on-premises infrastructure, the current alternative to paying for extended security updates is to migrate virtual workloads to an Azure Arc–enabled Azure Stack HCI environment. Azure Stack helps you consolidate virtualized workloads and gain cloud efficiencies when data needs to remain on-premises for varying reasons, while also providing a modern cloud-managed virtualization environment for your datacenters and remote offices.

Azure Stack HCI was built for your datacenter and lets you enable many features and capabilities previously limited to the Azure cloud platform like Azure Kubernetes Services and SQL PaaS. It also enables Azure hybrid services that enhance your datacenter with capabilities such as cloud-based monitoring, Site Recovery, and VM backups – as well providing as a central view of all of your Azure Stack HCI deployments and workloads in the Azure portal. More and more features are becoming available such as running Azure Virtual Desktop workloads on your infrastructure.

If you’re a VM owner with many VMs, determine at what level you are looking at the problem. If you have too many individual workloads that you need to upgrade, then you may want to buy time. If you’re on-premises, there are two ways to buy time: you can implement Azure Stack HCI (which is Microsoft’s alternative to paying them more money on external security updates), or you can pay for extended security updates.

Pay for Extended Security Updates

It’s very costly to purchase extended support, with an average cost of 75% of the Windows Server license, and it’s an additional yearly expense you have to incur for each workload. But once extended support ends, you won’t get any support from Microsoft. You will have to move on to something else or risk potential security breaches.

Note: For compliance with end-of-life workloads, you can get Windows Server 2008/R2, SQL Server 2008/R2, Windows Server 2012/R2, and SQL Server 2012 extended security updates at no extra cost when migrating them to Azure Stack HCI. This does require some planning as Azure Stack HCI is a hypervisor replacement to any existing virtualization solutions and relies on software-defined storage solutions and replication. This translates to requiring local storage on each Azure Stack node for storage, and it also means that any SAN solutions have to be either presented directly to the workloads above the virtualization layer or front-ended with a Windows Server Scale-Out-File-Server cluster for use by the Azure Stack HCI cluster nodes (source). The ideal Azure Stack HCI configuration would be excluding shared storage appliances altogether from the virtualization stack and from your datacenter (source).

Isolate Workload

If your applications simply won’t run on newer versions of the operating system, or you are unable to migrate to a supported virtualization platform to take advantage of extended security updates, then your remaining option is to isolate and sandbox the workload as much as possible. This is the “walled garden” approach where you prevent access to and from the internet – as well as isolate connections to and from the workload with firewalls and other security measures. This is not ideal, but sometimes you have a box that can’t go down and has been running Windows NT forever.

Cloud Options: Benefits and Considerations

Microsoft has been encouraging moving your workload VMs to Azure for a while, allowing you take advantage of automatic 3-year extended security updates for end-of-life SQL and Windows Server environments. Now, Microsoft is enabling and supporting moving your VMware and Nutanix workloads to Azure directly, while allowing you to also take advantage of the same ESUs available to native Azure workloads (assuming you’re ready to move your workloads into the cloud).

VM Migration to Azure

The most common type of migration is that of leveraging tools such as Azure Migrate to replicate and move your workloads either as native VMs in Azure or to SQL Managed Instances. If you have IIS applications, there are even options to migrate the application directly to container instances. This option carries with it the need for proper governance and planning to ensure that the environment is securely managed and maintained. Additionally, for many organizations this may involve a change in mindset from capacity management to more of a consumption mindset – as well as a change from CapEx to OpEx (in most cases).  

VM Migration to Azure VMware Service or to Nutanix Cloud Clusters

You can take advantage of the partnerships that Microsoft has established with VMware and Nutanix, allowing first-level support and technology offerings within the Azure environment. By standing up VMware or Nutanix environments in Azure, you can move your VM workloads as-is to the cloud – while leveraging the same tooling and skillsets you have already invested in. An additional benefit to this approach is allowing you to take advantage of Azure cloud services alongside your current solution stack – empowering your IT teams with more options to provide a better level of service to the organization.

Support for these options are handled through Microsoft Support as they are considered first tier solutions. Once built out, these solutions run directly on hardware running in Azure datacenters, allowing you to take advantage of the same capacity management strategies you are accustomed to.

If Database, Migration to Azure PaaS

If you have any databases, consider a migration to Azure PaaS and available SQL managed instances instead of to a VM running in Azure. You can also take advantage of the many open-source options available in the Azure marketplace.

Application Refactor

If it’s an application, consider an application refactor. Whether you’re migrating a workload to a new OS or a PaaS/SaaS offering, there may be other options and third-party tools available to make your transition smoother.

What’s the Best Path for You?

To help answer this question, first determine how to align your IT strategy with the time you have to ensure that your infrastructure remains compliant. It’s often a balancing act as you determine what is best for your organization. The best path is simply the best one customized to your situation and goals.

Identify Your Needs and Constraints

Taking on any upgrade or migration requires the right balance of time and people with the skills to achieve such an undertaking. You are often dealing with not just a single system, but clusters of interconnected systems that must be considered.

You could also be facing budgetary constraints where the goal is more about figuring out how to stay compliant while buying time to do the migration work (or a combination of both) as you prioritize key systems and find alternate methods for secondary systems.

In either case, the goal is to keep the efforts from ballooning out of control. Ensuring that you are able to plan out the cost, complexity, and timeline for how to achieve a state of compliance requires careful planning.

Create a Strategic Plan

To accomplish this, we recommend taking the time to create a strategic plan for handling the problem for the short-term and long-term. That gets rid of the unknowns. With a plan, you can see where you need to migrate, upgrade, and optimize – and how each affects everything else in your environment.

Address how to handle on-premises workloads, as well as cloud-based workloads. Ideally you are able to consider not just the cost of getting compliant, but also include the benefits of new capabilities, features, and solutions that you gain from leveraging a more modern approach. These solutions include leveraging cloud management for your on-premises environments, switching to a SAN-less model for storage, and even enabling the use and management of containers in your datacenter.

Take the necessary time up-front to determine if a workload should be rearchitected instead of migrated or upgraded. Doing so may save you from additional management costs by taking advantage of PaaS and SaaS solutions – all with the goal of reducing your overall technical debt.

Assess What You Have and Where You Need to Focus

If you are unsure of what blind spots you may have in your environment, we recommend engaging a third-party (like Core BTS) to perform an assessment that scans your environment and helps you determine what you have and where you may need to focus and prioritize.

Starting with an assessment will help you determine a better strategy for your organization, as well as educate you on what it’s going to take to migrate. Although strategic assessments from professional services partners are an investment, helping you firmly support your strategy with industry-leading expertise will set you up for success and reduce the time it will take to update your IT environment. It will also help you be fully aware of the costs and timelines needed so you can balance those with your budgets for the next 3-5 years.

Set Yourself Up for Success with a Custom Assessment

If you’re concerned about compliance or business requirements requiring you to maintain an on-premises environment, we can help you identify the best approach for your specific needs. Our thorough Modern Datacenter Strategy Assessments can be customized to fit your specific needs.

And if you’re ready to determine if the Cloud is right for you, our Azure Accelerate program is designed to operationalize cloud adoption through structured analysis, financial planning, and roadmap development.

Contact us to discover the ROI associated with moving workloads into the cloud, as well as build the roadmap to actually do it while helping you formulate a plan for modernizing your on-premises environments.

Frequently Asked Questions

When is SQL Server 2012 end-of-life ?

Extended support for Microsoft SQL Server 2012 ended on July 12, 2022. If you haven’t migrated or upgraded your SQL Server yet, then it’s critical you do so immediately to mitigate your risk. Contact us today to discuss your options.

When is Windows Server 2012 and 2012 R2 end-of-life ?

Extended support for Windows Server 2012 and 2012 R2 ends on October 10, 2023. We recommend you review the business implications and our recommended next steps to ensure your business is secure before support ends. Contact us today to discuss your options.

What Does Microsoft End-of-Life Mean?

End of Servicing

When a specific version, feature update, or servicing channel of a product will no longer receive quality or security updates, it has reached the end of servicing.

End of Support

End of Support is the end of Extended Support for products governed by the Fixed Policy (when support and servicing will no longer be available). Customers may purchase paid programs for applicable products.

Extended Security Update (ESU) Program

The Extended Security Update (ESU) program is a last resort option for customers who need to run certain legacy Microsoft products past the end of support. It includes Critical and / or Important security updates, as defined by the Microsoft Security Response Center (MSRC), for a maximum of three years after the product’s End of Extended Support date.

Windows Server Lifecycle Dates

VersionRelease YearMainstream Support End YearExtended Support End Year
Windows Server 2022202120262031
Windows Server 2019201820242029
Windows Server 2016201620222027
Windows Server 2012201220182023
Windows Server 2012 R2201320182023
Windows Server 2008200820152020
Windows Server 2008 R2200920152020
Windows Server 2003200320102015
Windows Server 2003 R2200620102015
Microsoft Windows Server Lifecycle Information Page

SQL Server Lifecycle Dates

VersionRelease YearMainstream Support End YearExtended Support End Year
SQL Server 2022202220282033
SQL Server 2019201920252030
SQL Server 2017201720222027
SQL Server 2016201620212026
SQL Server 2014201420192024
SQL Server 2012201220172022
SQL Server 2008 R2201020122019
SQL Server 2008200820122019
SQL Server 2025200620112016
SQL Server 2000200020052013
Microsoft SQL Server Lifecycle Information Page

New call-to-action


[1] Operating system environment is an operating system instance running on either a physical device, virtual machine, or hardware partition.

Alejandro Vazquez (Alex) is the Director of Consulting Services of the Hybrid Infrastructure Practice at Core BTS. In his 20+ years of experience, he has worked on large-scale cloud migration efforts and has helped many organizations plan their management strategies for migration and initial planning - as well as helping them operationalize the cloud.

Subscribe to our Newsletter

Stay informed on the latest technology news and trends

Relevant Insights

Building a Corporate AI Governance Policy

Here are ways to govern your use of AI so it aligns with corporate goals and minimizes risk Artificial intelligence...
Read More about Building a Corporate AI Governance Policy

The Data Center and Cloud Checklist for M&A and Divestiture Projects

Discover the essential components of a comprehensive data center assessment and how to ensure your new infrastructure meets current and...
Read More about The Data Center and Cloud Checklist for M&A and Divestiture Projects

How To Assess Your IT Infrastructure

Take these steps to ensure that your IT infrastructure meets the expectations of your board or leadership team Regular assessments...
Read More about How To Assess Your IT Infrastructure