8 Microsoft products get EAL 4+ certification

Eight widely used Microsoft applications now have Common Criteria certification at Evaluation Assurance Level (EAL) 4+, company officials announced today.

The Common Criteria are a set of internationally recognized standards of assurance for sharing classified information within and across government agencies. Meeting those standards is essential for companies to win federal contracts that include handling classified information. EAL certifications range from 1 to 7, and 7 is the highest.

The newly certified products are:

  • Microsoft Windows Server 2003, Standard Edition (32-bit) with Service Pack 1.

  • Microsoft Windows Server 2003, Enterprise Edition (32-bit and 64-bit versions) with Service Pack 1.

  • Microsoft Windows Server 2003, Datacenter Edition (32-bit and 64-bit versions) with Service Pack 1.

  • Microsoft Windows Server 2003 Certificate Server, Certificate Issuing and Management Components (CIMC) (Security Level 3 Protection Profile, Version 1.0).

  • Microsoft Windows XP, Professional with Service Pack 2.

  • Microsoft Windows XP, Embedded with Service Pack 2.
  • These products join five other Microsoft products that received EAL 4+ ratings: Internet Security and Acceleration Server 2004, Exchange Server 2003, Windows 2000 Professional, and Windows 2000 Server and Advanced Server.

    The National Information Assurance Partnership, run jointly by the National Institute of Standards and Technology and the National Security Agency, implement the Common Criteria Evaluation and Validation Scheme.

    Featured

    • Workforce
      White House rainbow light shutterstock ID : 1130423963 By zhephotography

      White House rolls out DEIA strategy

      On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

    • Defense
      software (whiteMocca/Shutterstock.com)

      Why DOD is so bad at buying software

      The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

    Stay Connected