We just updated the Windows Embedded lifecycle page at http://www.microsoft.com/windowsembedded/en-us/product-lifecycles.aspx to clarify end of availability and end of support for embedded products. the previous version of this page only listed the end of availability dates which is often a later date than the end of support date.
I strongly recommend that everyone uses a product that is in support and that they apply all available security updates to help protect against attack. However we do continue to make product available until a later date for OEMs that have a product in production and used in an isolated locked down environment. It is the OEM's responsibility to ensure that this gives their system adequate security.
Let me know if you have any questions on the embedded lifecycle.