Microsoft
Security Scorecard
Score
8F
Total CVEs
440
Patch Rate
3%
13 patched
Avg Response
335d
days to patch
Critical Gaps
39
exploitable, no detection
Severity Breakdown
Critical6
High149
Medium224
Low40
Patch Status
Patched13 (3%)
Partial/Workaround7 (2%)
Unpatched420 (95%)
CVEs (443)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-60708 | Storvsp.sys Driver Vulnerability | MEDIUM | 6.5 | 34d | Unpatched |
| CVE-2025-60723 | DirectX Concurrency Denial of Service Vulnerability | MEDIUM | 6.3 | 34d | Unpatched |
| CVE-2025-59513 | Windows Bluetooth RFCOM Protocol Driver Vulnerability | MEDIUM | 5.5 | 34d | Unpatched |
| CVE-2025-62449 | Visual Studio Code CoPilot Chat Extension Vulnerability | MEDIUM | 6.8 | 34d | Unpatched |
| CVE-2025-62453 | GitHub Copilot AI Engine Vulnerability | MEDIUM | 5.0 | 34d | Unpatched |
| CVE-2025-59240 | Excel Vulnerability | MEDIUM | 5.5 | 34d | Unpatched |
| CVE-2025-47179 | Microsoft Configuration Manager Privilege Escalation | MEDIUM | 6.7 | 34d | Unpatched |
| CVE-2025-60711 | Edge Protection Mechanism Bypass | MEDIUM | 6.3 | 46d | Unpatched |
| CVE-2025-59501 | Microsoft Configuration Manager Spoofing Exploit | MEDIUM | 4.8 | 46d | Unpatched |
| CVE-2025-10749 | Azure Storage for WordPress Plugin Vulnerability | MEDIUM | 5.4 | 56d | Unpatched |