Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Number Of NVD 3854 CRITICAL 65 HIGH 2644 MEDIUM 1087 LOW 58
URL https://www.microsoft.com/
Explanation For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • Microsoft
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://www.microsoft.com/ja-jp/atlife/article-windows10-portal-eos.aspx
2 https://support.microsoft.com/help/14085/fixed-lifecycle-policy
3 https://support.microsoft.com/help/30881/modern-lifecycle-policy
4 https://support.microsoft.com//lifecycle/search
5 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
6 https://support.microsoft.com/ja-jp/help/4057281/windows-7-support-ended-on-january-14-2020
7 https://docs.microsoft.com/ja-jp/windows/release-information/
8 https://docs.microsoft.com/ja-jp/lifecycle/faq/extended-security-updates

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
3791 Windows 11 25H2 Sept. 30, 2025 Oct. 4, 2021 Oct. 12, 2027 Oct. 10, 2028 0 0 0 0
3792 Windows 11 23H2 Oct. 31, 2023 Oct. 4, 2021 15 425 130 3
3793 Windows 11 24H2 Oct. 1, 2024 Oct. 4, 2021 Oct. 13, 2026 Oct. 12, 2027 0 0 0 0
3794 Windows 10 (Enterprise, Education, Pro, Pro for Workstations, IoT, Home) 22H2 Oct. 18, 2022 July 29, 2015 Oct. 14, 2025 57 2049 872 33
3795 Windows Phone 8.1 June 24, 2014 July 11, 2017 0 0 0 0
3796 Windows RT 8.1 Nov. 13, 2013 Jan. 9, 2018 Jan. 10, 2023 27 1228 494 38
3797 Windows Embedded 8.1 Pro Nov. 13, 2013 Jan. 9, 2018 Jan. 10, 2023 30 1296 503 34
3798 Windows 8.1 Nov. 13, 2013 Jan. 9, 2018 Jan. 10, 2023 30 1296 503 34
3799 Windows Phone 7.8 Feb. 9, 2013 Oct. 14, 2014 0 0 0 0
3800 Windows 8 Oct. 30, 2012 Jan. 12, 2016 0 167 56 24
3801 Windows Embedded Standard 7(Service Pack 1適用) July 29, 2010 Oct. 13, 2015 Oct. 13, 2020 0 0 0 0
3802 Windows 7 Oct. 22, 2009 Jan. 13, 2015 April 9, 2013 Jan. 14, 2020 29 1407 538 31
3803 Windows Vista Jan. 25, 2007 April 10, 2012 April 13, 2010 April 11, 2017 1 264 67 20
3804 Windows XP Embedded Jan. 30, 2002 Jan. 12, 2016 2 287 85 0
3805 Windows XP Dec. 31, 2001 April 8, 2014 2 287 85 0
3806 Windows Millennium Edition Dec. 31, 2000 Dec. 31, 2003 July 11, 2006 0 1 1 0
3807 Microsoft Windows 2000 Professional March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
3808 Windows 98 Second Edition June 30, 1999 June 30, 2002 July 11, 2006 1 1 1 0
3809 Windows 98 Standard Edition June 30, 1998 June 30, 2002 July 11, 2006 1 2 2 0
3810 Windows 95 Aug. 24, 1995 Dec. 31, 2001 0 3 2 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
3791 7.8
7.2
HIGH
Local
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows… NVD-CWE-noinfo
CVE-2009-1123 cpe:2.3:o:microsoft:windows_xp:-:sp3
cpe:2.3:o:microsoft:windows_xp:-:sp2
cpe:2.3:o:microsoft:windows_xp:-:sp2
2026-04-22 22:52
2009-06-11
Show GitHub Exploit DB Packet Storm
3792 -
10.0
HIGH The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which… CWE-264
Permissions, Privileges, and Access Controls
CVE-2009-0568 cpe:2.3:o:microsoft:windows_vista:-:* 2026-04-23 09:35
2009-06-11
Show GitHub Exploit DB Packet Storm
3793 -
4.9
MEDIUM The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted sep… CWE-200
Information Exposure
CVE-2009-0229 cpe:2.3:o:microsoft:windows_xp:sp3:*
cpe:2.3:o:microsoft:windows_xp:-:sp2
cpe:2.3:o:microsoft:windows_xp:-:*
c…
2026-04-23 09:35
2009-06-11
Show GitHub Exploit DB Packet Storm
3794 -
4.9
MEDIUM Microsoft Windows XP SP3 allows local users to cause a denial of service (system crash) by making an SPI_SETDESKWALLPAPER SystemParametersInfo call with an improperly terminated pvParam argument, fol… NVD-CWE-Other
CVE-2009-1808 cpe:2.3:o:microsoft:windows_xp:-:sp3
cpe:2.3:o:microsoft:windows_xp:-:sp3
cpe:2.3:o:microsoft:windows_xp:-:sp3
2026-04-23 09:35
2009-05-29
Show GitHub Exploit DB Packet Storm
3795 -
9.3
HIGH Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6… NVD-CWE-Other
CVE-2009-0550 cpe:2.3:o:microsoft:windows_vista:gold:*
cpe:2.3:o:microsoft:windows_vista:gold:*
2026-04-23 09:35
2009-04-15
Show GitHub Exploit DB Packet Storm
3796 -
10.0
HIGH Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to exec… CWE-189
Numeric Errors
CVE-2009-0086 cpe:2.3:o:microsoft:windows_vista:gold:* 2026-04-23 09:35
2009-04-15
Show GitHub Exploit DB Packet Storm
3797 -
6.9
MEDIUM The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) a… CWE-269
 Improper Privilege Management
CVE-2009-0080 cpe:2.3:o:microsoft:windows_vista:-:sp1
cpe:2.3:o:microsoft:windows_vista:-:sp1
cpe:2.3:o:microsoft:windows_vista…
2026-04-23 09:35
2009-04-15
Show GitHub Exploit DB Packet Storm
3798 -
7.2
HIGH The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a s… CWE-264
Permissions, Privileges, and Access Controls
CVE-2009-0078 cpe:2.3:o:microsoft:windows_vista:gold:* 2026-04-23 09:35
2009-04-15
Show GitHub Exploit DB Packet Storm
3799 -
7.1
HIGH The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication… CWE-287
Improper Authentication
CVE-2009-0085 cpe:2.3:o:microsoft:windows_vista:gold:* 2026-04-23 09:35
2009-03-11
Show GitHub Exploit DB Packet Storm
3800 -
7.2
HIGH The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers u… CWE-20
 Improper Input Validation 
CVE-2009-0083 cpe:2.3:o:microsoft:windows_vista:gold:* 2026-04-23 09:35
2009-03-11
Show GitHub Exploit DB Packet Storm