Microsoft Products Get Security Certified

Microsoft recently took another small step in its Trustworthy Computing initiative by obtaining security certification for a number of updated products.

The offerings that gained Common Criteria certification:

  • Windows Server 2003, Standard Edition (32-bit version) with SP1
  • Windows Server 2003, Enterprise Edition (32-bit and 64-bit versions) with SP1
  • Windows Server 2003, Datacenter Edition (32-bit and 64-bit versions) with SP1
  • Windows Server 2003 Certificate Server, Certificate Issuing and Management Components (CIMC) (Security Level 3 Protection Profile, Version 1.0)
  • Windows XP Professional with SP2
  • Windows XP Embedded with SP2

    Some earlier versions of those products had already attained CC certification, but without the service pack additions. The announcement hasn’t garnered much media attention, but it should boost Microsoft’s security reputation, which continues to suffer hits over vulnerabilities in Internet Explorer.

    That’s because CC certification is independent of Microsoft. CC is an international consortium of organizations that’s established a set of common security standards it applies to products, which are submitted by companies for testing. If the products meet those standards, it’s awarded the CC certification. The higher the certification level, the better it meets agreed-upon security guidelines. And all products, whether they be from Microsoft, Oracle, CA and so on, get tested the same way for the same level. The Microsoft products attained Evaluation Assurance Level (EAL) 4, the top level for operating systems.

    Microsoft compares favorably with other competing OS vendors. For example, Sun Solaris 9 achieved EAL 4; Mac OS X achieved EAL 3; Red Hat Enterprise Linux 3 achieved EAL 2; and SuSE Linux Enterprise Server Version 9, SP2 achieved EAL 3.

  • About the Author

    Keith Ward is the editor in chief of Virtualization & Cloud Review. Follow him on Twitter @VirtReviewKeith.


    • The 2019 Microsoft Product Roadmap

      From the next major update to Windows 10 to the next generation of HoloLens, here's what's on tap from Microsoft this year.

    • 2019 Microsoft Conference Calendar: For Partners, IT Pros and Developers

      Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss this year.

    • New Features Added to Microsoft 365 Business Subscriptions

      Microsoft's productivity and collaboration plan for businesses with fewer than 300 users is getting two new features: conditional access security and trouble-ticket tools for administrators.

    • Microsoft Details 'Wave 2' Release Roadmap for Dynamics 365

      Microsoft this week announced its "Wave 2" product release plans for its Dynamics 365 enterprise resource planning solutions, as well as its Power Platform.

    Most   Popular