Hello all. I am looking for any and all resources that support the argument towards convincing end users or organizations to upgrade from older unsupported versions of Micorosft Office to a current one that is still within support by Microsoft. As an IT person I know how an unpatched product can be exploited so obviously EOSL products are unpatched and thus exploitable, but what I need here is 3rd party materials to provide to a customer so the argument can be made without it appearing that I am biased in the interest of forcing them to upgrade.
I've only just begun on this but for example I thought I had found a great answer in the Sandworm (MDropper) information, but as it turned out the exploit was patched with a Windows update, not an Office update thus useless for my argument.
I suppose I could identify all updates that have been released for Office from April 9 2014 onwards, and try to isolate on one of them that was widely exploited so there'd be some info material to draw from, but ugh, that's got time-consumption written all over it.
Anybody willing to point me down a shorter path?