Updated Product Servicing Policy for SharePoint 2013

You have a SharePoint 2013 farm on a patch level before April 2017 CU and you plan to keep it running after April 10th, 2018? Start patching!
As communicated earlier, Mainstream support for SharePoint 2013 will end April 10th, 2018. After this date only security fixes will be provided for SharePoint 2013. Regular hotfixes can no longer be requested.
But this is not the only thing to consider after this date: starting with April 10th, 2018 the required patch level to request support for SharePoint 2013 will also change.
Currently all patch levels starting with SharePoint 2013 SP1 are supported. Starting with April 10th, 2018 this will change. In order to request support from Microsoft after April 10th, 2018 the SharePoint server farm has be on a patch level of April 2017 CU or later. A year later, after April 10th, 2019, the SharePoint server farm has be on a patch level of April 2018 CU or later.
This change is outlined in the Updated Product Servicing Policy for SharePoint 2013 published on TechNet.
Below is a table which outlines the required patch level for SharePoint 2013 till end of the extended support phase:

SharePoint Server 2013 and SharePoint Foundation 2013 Releases Support End Date
Service Pack 1 4/10/2018
April 2017 CU – March 2018 CU 4/10/2019
April 2018 CU – all future CUs 4/11/2023



  1. Thank you so much man , YOU ROCK !


  2. Hi Stephen – Any idea when SP2 will be released?


    1. There will not be an SP2.


  3. For “SharePoint Server 2010 Service Pack 2” does it not matter if you’ve got the latest CU applied or the just original SP2 update applied you’re supported either way?


    1. Hi David,

      supported – yes. But you would miss 6 years of security updates.
      As we are releasing around 2-3 security fixes each month that would mean that around 180 security fixes for SharePoint would be missing.
      If the same applies to Windows and .NET fixes then it sums up to several hundred missing security fixes.

      I would not use such a box as a production system and would not even want to have such an vulnerable box in my corporate network with access to other machines.



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.