For most individuals in my profession, any plans that were originally made for today were upended by the recent worldwide cybersecurity event. To assist our customers still on legacy systems, patches for the MS07-010 exploit were made available for Windows Server 2003 and Windows XP. While Windows XP has been out of support since 2014, a solution that still leverages the Windows XP operating system is still in extended support: MED-V 2.0.
While MED-V 2.0 went out of mainstream support in 2016, it still follows the 5+5 policy and will remain in extended support until 2021 (https://support.microsoft.com/en-us/lifecycle/search?alpha=Microsoft%20Enterprise%20Desktop%20Virtualization) however, as mentioned 5 years ago in this post (https://blogs.technet.microsoft.com/gladiatormsft/2012/07/29/how-med-v-affects-windows-xp-end-of-life-support-policy-it-doesnt/) the Windows XP Virtual Machine is not covered by the MED-V support policy and would only be covered by an custom support agreement (CSA.)
Customers who may still be using MED-V ARE AT RISK from the WannaCrypt Ransomware threat and need to take immediate action as if they were still using Windows XP because they technically STILL are. This message is especially for those who may using MED-V without a Windows XP CSA. If you have not already done so, please download this update and deploy to your MED-V images: https://www.microsoft.com/en-us/download/details.aspx?id=55245