CCE-15102-7Platform: cpe:/o:microsoft:windows_10 | Date: (C)2010-09-25 (M)2023-07-04 |
Windows 10 is maintained by Microsoft at servicing levels for specific periods of time to support Windows as a Service. Systems at unsupported servicing levels or releases will not receive security updates for new vulnerabilities, which leaves them subject to exploitation.
New versions with feature updates are planned to be released on a semi-annual basis with an estimated support timeframe of 18 to 30 months depending on the release. Support for previously released versions has been extended for Enterprise editions.
A separate servicing branch intended for special purpose systems is the Long-Term Servicing Channel (LTSC, formerly Branch - LTSB), which will receive security updates for 10 years but excludes feature updates.
Fix:
Update systems on the Semi-Annual Channel to "Microsoft Windows Version 20H2 (OS Build 190xx.x)" or greater.
It is recommended systems be upgraded to the most recently released version.
Special-purpose systems using the LTSCB may be at the following versions:
v1507 (Build 10240)
v1607 (Build 14393)
v1809 (Build 17763)
v21H2 (Build 19044)
Parameter:
[10240]
Technical Mechanism:
Update systems on the Semi-Annual Channel to "Microsoft Windows Version 20H2 (OS Build 190xx.x)" or greater.
It is recommended systems be upgraded to the most recently released version.
Special-purpose systems using the LTSC\B may be at the following versions:
v1507 (Build 10240)
v1607 (Build 14393)
v1809 (Build 17763)
v21H2 (Build 19044)
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85541 |