The issue focused on software updates for PCs running Microsoft Windows XP and Server 2003. While Microsoft issued software updates for PCs running Windows XP and Server 2003 from 2007 until mid-2010, those updates didn't contain security patches for computers running Windows Vista or Windows Server 2008. That meant hackers could exploit critical vulnerabilities and hackers could exploit legitimate patches for PCs running older versions of Windows.

Microsoft updated PCs running Windows Vista and Windows Server 2008 as soon as possible after those computers reached end of life on October 29, 2010.