Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5145 CRITICAL 123 HIGH 3506 MEDIUM 1446 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • Microsoft
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
4001 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 55 1326 429 5
4002 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 95 2505 893 11
4003 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 104 2591 1017 15
4004 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 95 2213 917 50
4005 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
4006 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
4007 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
4008 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
4009 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
4001 5.5
2.1 		MEDIUM
Local 		The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows an information disclosure vulnerab… CWE-200
Information Exposure 		CVE-2017-8680 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4002 6.8
4.3 		MEDIUM
Adjacent 		Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation … NVD-CWE-noinfo
CVE-2017-8628 cpe:2.3:o:microsoft:windows_server_2008:-:sp2 2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4003 5.3
1.9 		MEDIUM
Local 		The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an i… CWE-200
Information Exposure 		CVE-2017-8707 cpe:2.3:o:microsoft:windows_server_2008:r2:sp1 2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4004 7.0
7.6 		HIGH
Local 		Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows… CWE-20
 Improper Input Validation  		CVE-2017-8699 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4005 7.5
7.6 		HIGH
Network 		Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8696 cpe:2.3:o:microsoft:windows_server_2008:r2:sp1
cpe:2.3:o:microsoft:windows_server_2008:-:sp2 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4006 5.3
2.6 		MEDIUM
Network 		Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Off… CWE-200
Information Exposure 		CVE-2017-8695 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:gold
cpe:2.3:o:microsoft:w… 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4007 5.5
2.1 		MEDIUM
Local 		Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 20… CWE-200
Information Exposure 		CVE-2017-8688 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4008 5.5
2.1 		MEDIUM
Local 		The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and W… CWE-200
Information Exposure 		CVE-2017-8687 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4009 8.8
9.3 		HIGH
Network 		Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server 20… CWE-20
 Improper Input Validation  		CVE-2017-8682 cpe:2.3:o:microsoft:windows_server_2016:-:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm
4010 5.5
2.1 		MEDIUM
Local 		The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and W… CWE-200
Information Exposure 		CVE-2017-8681 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 12:34
2017-09-13 		Show GitHub Exploit DB Packet Storm