Microsoft
Security Scorecard
Score
8F
Total CVEs
440
Patch Rate
3%
13 patched
Avg Response
335d
days to patch
Critical Gaps
39
exploitable, no detection
Severity Breakdown
Critical6
High149
Medium224
Low40
Patch Status
Patched13 (3%)
Partial/Workaround7 (2%)
Unpatched420 (95%)
CVEs (443)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-21298 | Windows OLE Remote Code Execution Vulnerability | CRITICAL | 9.8 | 334d | Unpatched |
| CVE-2024-49112 | Windows LDAP Remote Code Execution Vulnerability | CRITICAL | 9.8 | 367d | Unpatched |
| CVE-2021-34527 | PrintNightmare | HIGH | 8.8 | 124d | Patched |
| CVE-2021-26855 | ProxyLogon | CRITICAL | 9.1 | 245d | Patched |
| CVE-2021-26857 | Exchange Server Remote Code Execution Vulnerability | HIGH | 7.8 | 245d | Patched |
| CVE-2021-26858 | Exchange Server Remote Code Execution Vulnerability | HIGH | 7.8 | 245d | Patched |
| CVE-2021-27065 | Microsoft Exchange Server Remote Code Execution Vulnerability | HIGH | 7.8 | 245d | Patched |
| CVE-2020-1472 | Zerologon | MEDIUM | 5.5 | 443d | Patched |
| CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability | CRITICAL | 10.0 | 477d | Patched |
| CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability | HIGH | 8.1 | 659d | Patched |