Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Number Of NVD 3854 CRITICAL 65 HIGH 2644 MEDIUM 1087 LOW 58
URL https://www.microsoft.com/
Explanation For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • Microsoft
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://www.microsoft.com/ja-jp/atlife/article-windows10-portal-eos.aspx
2 https://support.microsoft.com/help/14085/fixed-lifecycle-policy
3 https://support.microsoft.com/help/30881/modern-lifecycle-policy
4 https://support.microsoft.com//lifecycle/search
5 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
6 https://support.microsoft.com/ja-jp/help/4057281/windows-7-support-ended-on-january-14-2020
7 https://docs.microsoft.com/ja-jp/windows/release-information/
8 https://docs.microsoft.com/ja-jp/lifecycle/faq/extended-security-updates

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
111 Windows 11 25H2 Sept. 30, 2025 Oct. 4, 2021 Oct. 12, 2027 Oct. 10, 2028 0 0 0 0
112 Windows 11 23H2 Oct. 31, 2023 Oct. 4, 2021 15 425 130 3
113 Windows 11 24H2 Oct. 1, 2024 Oct. 4, 2021 Oct. 13, 2026 Oct. 12, 2027 0 0 0 0
114 Windows 10 (Enterprise, Education, Pro, Pro for Workstations, IoT, Home) 22H2 Oct. 18, 2022 July 29, 2015 Oct. 14, 2025 57 2049 872 33
115 Windows Phone 8.1 June 24, 2014 July 11, 2017 0 0 0 0
116 Windows RT 8.1 Nov. 13, 2013 Jan. 9, 2018 Jan. 10, 2023 27 1228 494 38
117 Windows Embedded 8.1 Pro Nov. 13, 2013 Jan. 9, 2018 Jan. 10, 2023 30 1296 503 34
118 Windows 8.1 Nov. 13, 2013 Jan. 9, 2018 Jan. 10, 2023 30 1296 503 34
119 Windows Phone 7.8 Feb. 9, 2013 Oct. 14, 2014 0 0 0 0
120 Windows 8 Oct. 30, 2012 Jan. 12, 2016 0 167 56 24
121 Windows Embedded Standard 7(Service Pack 1適用) July 29, 2010 Oct. 13, 2015 Oct. 13, 2020 0 0 0 0
122 Windows 7 Oct. 22, 2009 Jan. 13, 2015 April 9, 2013 Jan. 14, 2020 29 1407 538 31
123 Windows Vista Jan. 25, 2007 April 10, 2012 April 13, 2010 April 11, 2017 1 264 67 20
124 Windows XP Embedded Jan. 30, 2002 Jan. 12, 2016 2 287 85 0
125 Windows XP Dec. 31, 2001 April 8, 2014 2 287 85 0
126 Windows Millennium Edition Dec. 31, 2000 Dec. 31, 2003 July 11, 2006 0 1 1 0
127 Microsoft Windows 2000 Professional March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
128 Windows 98 Second Edition June 30, 1999 June 30, 2002 July 11, 2006 1 1 1 0
129 Windows 98 Standard Edition June 30, 1998 June 30, 2002 July 11, 2006 1 2 2 0
130 Windows 95 Aug. 24, 1995 Dec. 31, 2001 0 3 2 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
111 8.8
-
HIGH
Network
Windows SMB Witness Service Elevation of Privilege Vulnerability CWE-269
 Improper Privilege Management
CVE-2023-21549 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
112 8.1
-
HIGH
Network
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-21548 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
113 8.1
-
HIGH
Network
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability CWE-362
Race Condition
CVE-2023-21546 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
114 8.1
-
HIGH
Network
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-21543 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
115 7.0
-
HIGH
Local
Windows Installer Elevation of Privilege Vulnerability CWE-362
CWE-269
Race Condition
 Improper Privilege Management
CVE-2023-21542 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
116 7.8
-
HIGH
Local
Windows Task Scheduler Elevation of Privilege Vulnerability NVD-CWE-noinfo
CVE-2023-21541 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
117 7.8
-
HIGH
Local
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability NVD-CWE-noinfo
CVE-2023-21537 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
118 8.1
-
HIGH
Network
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability CWE-362
NVD-CWE-noinfo
Race Condition
CVE-2023-21535 cpe:2.3:o:microsoft:windows_8.1:-:*
cpe:2.3:o:microsoft:windows_8.1:-:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
119 7.0
-
HIGH
Local
Windows GDI Elevation of Privilege Vulnerability NVD-CWE-noinfo
CVE-2023-21532 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm
120 5.3
-
MEDIUM
Network
Remote Procedure Call Runtime Denial of Service Vulnerability NVD-CWE-noinfo
CVE-2023-21525 cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_7:-:sp1
cpe:2.3:o:microsoft:windows_8.1:-:*
cp…
2024-11-21 16:43
2023-01-11
Show GitHub Exploit DB Packet Storm