If your systems still rely on Ubuntu 16.04 LTS (Xenial Xerus), it's time to pay attention. The final layer of security coverage, known as Extended Security Maintenance (ESM), officially ended in April 2026. This means your installation is now vulnerable to new exploits. Launched in April 2016, Ubuntu 16.04 enjoyed a standard five-year support period, with an additional five years of security patches available through ESM. However, that extended support has now concluded, leaving users with a critical decision: upgrade or risk exposure. Below, we answer the most pressing questions about this end-of-life milestone and what actions you should take.
What happened to Ubuntu 16.04 LTS security support?
Ubuntu 16.04 LTS has reached its final end-of-life date. After a decade of cumulative support — five years of standard updates plus five years of Extended Security Maintenance (ESM) — all security patches ceased in April 2026. Without these updates, any newly discovered vulnerabilities will remain unpatched, exposing your system to potential attacks. The only way to receive further security fixes is to upgrade to a supported release or, for some enterprise users, to purchase an extended support contract through Ubuntu Pro.
What was the original support timeline for Ubuntu 16.04 LTS?
Ubuntu 16.04 LTS (Xenial Xerus) was released in April 2016. As an LTS (Long-Term Support) version, it received five years of free security updates, ending in April 2021. After that, Extended Security Maintenance (ESM) provided an additional five years of critical security patches — but only for subscribers to Ubuntu Pro. That ESM period concluded in April 2026. So, from release to final ESM end, the total supported lifespan was ten years, with the last five years requiring a paid subscription.
What is Extended Security Maintenance (ESM) and how did it apply to 16.04?
Extended Security Maintenance (ESM) is a Canonical service that delivers critical security updates beyond the standard five-year LTS window. For Ubuntu 16.04, ESM became available once standard support ended in 2021. Users could activate it by subscribing to Ubuntu Pro (which has a free tier for up to five machines). However, even ESM has now expired, meaning that no further patches will be issued for 16.04 — regardless of subscription status. The only exception is if your organisation negotiates a custom support contract directly with Canonical.
Why can't I upgrade directly from Ubuntu 16.04 to a newer LTS?
Unfortunately, there is no direct upgrade path from Ubuntu 16.04 to current LTS versions like 20.04 or 22.04. The upgrade tool supports only one version jump at a time. To move forward, you must upgrade in stages: first from 16.04 to 18.04 LTS, then to 20.04 LTS, and so on. This stepwise approach ensures system stability and package compatibility. Note that both 18.04 and 20.04 also have their own end-of-life dates, so you'll need to plan a full migration to a currently supported release. Alternatively, a fresh install is often simpler and cleaner.
What are my options now that ESM has ended?
You have three main choices:
- Upgrade in stages: Move to 18.04 LTS first, then to 20.04 or 22.04. This retains your data and settings but requires careful testing.
- Perform a fresh install: Reinstall the latest LTS (22.04 or upcoming 24.04) directly on your hardware. This is often the most reliable method, but you'll need to back up and restore your files.
- Pay for extended support: Canonical offers Ubuntu Pro subscriptions with legacy support contracts, but these are typically for enterprise customers with specific needs and are not primarily intended for individual users.
If you do nothing, your system will continue to run but will become increasingly vulnerable. We recommend starting an upgrade plan immediately.
What risks do I face if I keep using Ubuntu 16.04 without updates?
Running an unsupported operating system exposes you to several serious risks:
- Security vulnerabilities: New exploits for the Linux kernel, system libraries, and applications will not be patched, making your system an easy target for attackers.
- Compliance issues: Many regulations (PCI-DSS, HIPAA, GDPR) require timely security updates. Running an end-of-life OS may violate compliance mandates.
- Software incompatibility: Third-party software vendors may drop support for 16.04, leaving you without updates or new versions.
- No official support: You cannot ask Canonical for help if something breaks, and community assistance will dwindle over time.
To protect your data and maintain a healthy system, we strongly recommend upgrading or migrating to a supported release as soon as possible.