Software Detail

Software Informaton Top

Operating Systems

Software Detail

Windows Server

Number Of NVD

5091

CRITICAL

122

HIGH

3461

MEDIUM

1438

LOW

URL	https://www.microsoft.com/
Explanation	Server products offered by Microsoft. For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support). You may need to deploy the latest updates to be eligible for support. For some products, the support organization may be less than 10 years. For consumer and multimedia products, five years of mainstream support at the supported Service Pack level. The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag	商用ライセンス有り Microsoft

Add Information URL

No	Type	Name	URL
1			https://support.microsoft.com//lifecycle/search
2			https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3			https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4			https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
4631	Windows Server 2022	21H2	Nov. 2, 2021	Nov. 2, 2021	Oct. 13, 2026		Oct. 14, 2031	53	1279	421	5
4632	Windows Server 2019	1809	Oct. 2, 2018	Nov. 13, 2018	Jan. 9, 2024		Jan. 9, 2029	94	2460	885	11
4633	Windows Server 2016	20H2	Oct. 20, 2020	Oct. 15, 2016	Jan. 11, 2022		Jan. 12, 2027	103	2553	1010	15
4634	Windows Server 2012		Oct. 30, 2012	Oct. 30, 2012	Oct. 9, 2018		Oct. 10, 2023	94	2178	911	50
4635	Windows Server 2008 R2（ Service Pack 1適用）			Feb. 22, 2011		Jan. 14, 2020		0	0	0	0
4636	Windows Server 2008（Service Pack 2適用）			April 29, 2009		Jan. 14, 2020		0	0	0	0
4637	Microsoft Windows Server 2003（Service Pack 2適用）			May 28, 2003	July 13, 2010		July 14, 2015	0	128	53	15
4638	Microsoft Windows Storage Server 2003			May 5, 2003	Oct. 11, 2011		Oct. 9, 2016	0	128	53	15
4639	Microsoft Windows 2000（Service Pack 4適用）			March 31, 2000	June 30, 2005		July 13, 2010	2	40	19	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or less	Update date Published date	Show Affected	Exploit PoC Search
4631	- 9.3	HIGH	GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attacke…	CWE-20 Improper Input Validation	CVE-2012-0165	cpe:2.3:o:microsoft:windows_server_2008:-:sp2		2024-11-21 10:34 2012-05-9	Show	GitHub Exploit DB Packet Storm

4632	- 9.3	HIGH	Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP…	CWE-399 Resource Management Errors	CVE-2012-0159	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1 cpe:2.3:o:microsoft:windows_server_2008:r2:*		2024-11-21 10:34 2012-05-9	Show	GitHub Exploit DB Packet Storm

4633	7.8 9.3	HIGH Local	The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and …	CWE-20 Improper Input Validation	CVE-2012-0151	cpe:2.3:o:microsoft:windows_server_2008:r2:sp1 cpe:2.3:o:microsoft:windows_server_2008:r2:* cpe:2.3:o:microsoft:w…		2026-04-22 19:36 2012-04-11	Show	GitHub Exploit DB Packet Storm

4634	- 6.2	MEDIUM	Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7, when using an environment configured with a string such as…	NVD-CWE-Other	CVE-2007-6753	cpe:2.3:o:microsoft:windows_server_2008:-:*		2024-11-21 09:40 2012-03-29	Show	GitHub Exploit DB Packet Storm

4635	- 7.2	HIGH	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro…	CWE-20 Improper Input Validation	CVE-2012-0157	cpe:2.3:o:microsoft:windows_server_2008:r2:* cpe:2.3:o:microsoft:windows_server_2008:r2:* cpe:2.3:o:microsoft:win…		2024-11-21 10:34 2012-03-14	Show	GitHub Exploit DB Packet Storm

4636	- 4.3	MEDIUM	DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a d…	CWE-20 Improper Input Validation	CVE-2012-0156	cpe:2.3:o:microsoft:windows_server_2008:r2:* cpe:2.3:o:microsoft:windows_server_2008:r2:*		2024-11-21 10:34 2012-03-14	Show	GitHub Exploit DB Packet Storm

4637	- 4.3	MEDIUM	The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a serie…	CWE-20 Improper Input Validation	CVE-2012-0152	cpe:2.3:o:microsoft:windows_server_2008:r2:* cpe:2.3:o:microsoft:windows_server_2008:r2:*		2024-11-21 10:34 2012-03-14	Show	GitHub Exploit DB Packet Storm

4638	- 5.0	MEDIUM	The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denia…	CWE-399 Resource Management Errors	CVE-2012-0006	cpe:2.3:o:microsoft:windows_server_2008:r2:*		2024-11-21 10:34 2012-03-14	Show	GitHub Exploit DB Packet Storm

4639	- 9.3	HIGH	The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 d…	CWE-94 Code Injection	CVE-2012-0002	cpe:2.3:o:microsoft:windows_server_2008:r2:* cpe:2.3:o:microsoft:windows_server_2008:r2:* cpe:2.3:o:microsoft:win…		2024-11-21 10:34 2012-03-14	Show	GitHub Exploit DB Packet Storm

4640	- 6.4	MEDIUM	The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query,…	NVD-CWE-Other	CVE-2012-1194	cpe:2.3:o:microsoft:windows_server_2008:-:gold cpe:2.3:o:microsoft:windows_server_2008:-:* cpe:2.3:o:microsoft:wi…	-	2024-11-21 10:36 2012-02-18	Show	GitHub Exploit DB Packet Storm