Common Criteria certifications

Microsoft is committed to optimizing the security of its products and services. As part of that commitment, Microsoft supports the Common Criteria Certification Program, ensures that products incorporate the features and functions required by relevant Common Criteria Protection Profiles, and completes Common Criteria certifications of Microsoft Windows products. This topic lists the current and archived certified Windows products, together with relevant documentation from each certification.

Certified products

The product releases below are currently certified against the cited Protection Profile, as listed on the Common Criteria Portal:

  • The Security Target describes the product edition(s) in scope, the security functionality in the product, and the assurance measures from the Protection Profile used as part of the evaluation
  • The Administrative Guide provides guidance on configuring the product to match the evaluated configuration
  • The Certification Report or Validation Report documents the results of the evaluation by the validation team, with the Assurance Activity Report providing details on the evaluator's actions

For more details, expand each product section.


Windows 10, version 2004, Windows Server, version 2004, Windows Server Core Datacenter (Azure Fabric Controller), Windows Server Core Datacenter (Azure Stack)

Certified against the Protection Profile for General Purpose Operating Systems, including the Extended Package for Wireless Local Area Network Clients and the Module for Virtual Private Network Clients

Windows 10, version 1909, Windows Server, version 1909, Windows Server 2019, version 1809 Hyper-V

Certified against the Protection Profile for Virtualization, including the Extended Package for Server Virtualization.

Windows 10, version 1909, Windows Server, version 1909

Certified against the Protection Profile for General Purpose Operating Systems, including the Extended Package for Wireless Local Area Network Clients and the Module for Virtual Private Network Clients.

Windows 10, version 1903, Windows Server, version 1903

Certified against the Protection Profile for General Purpose Operating Systems, including the Extended Package for Wireless Local Area Network Clients.

Windows 10, version 1809, Windows Server, version 1809

Certified against the Protection Profile for General Purpose Operating Systems, including the Extended Package for Wireless Local Area Network Clients.

Windows 10, version 1803, Windows Server, version 1803

Certified against the Protection Profile for General Purpose Operating Systems, including the Extended Package for Wireless Local Area Network Clients.

Windows 10, version 1709, Windows Server, version 1709

Certified against the Protection Profile for General Purpose Operating Systems.

Windows 10, version 1703, Windows Server, version 1703

Certified against the Protection Profile for General Purpose Operating Systems.

Windows 10, version 1607, Windows Server 2016

Certified against the Protection Profile for General Purpose Operating Systems.

Windows 10, version 1507, Windows Server 2012 R2

Certified against the Protection Profile for General Purpose Operating Systems.

Archived certified products

The product releases below were certified against the cited Protection Profile and are now archived, as listed on the Common Criteria Portal:

  • The Security Target describes the product edition(s) in scope, the security functionality in the product, and the assurance measures from the Protection Profile used as part of the evaluation
  • The Administrative Guide provides guidance on configuring the product to match the evaluated configuration
  • The Certification Report or Validation Report documents the results of the evaluation by the validation team, with the Assurance Activity Report providing details on the evaluator's actions

For more details, expand each product section.


Windows Server 2016, Windows Server 2012 R2, Windows 10

Certified against the Protection Profile for Server Virtualization.

Windows 10, version 1607, Windows 10 Mobile, version 1607

Certified against the Protection Profile for Mobile Device Fundamentals.

Windows 10, version 1607, Windows Server 2016

Certified against the Protection Profile for IPsec Virtual Private Network (VPN) Clients.

Windows 10, version 1511

Certified against the Protection Profile for Mobile Device Fundamentals.

Windows 10, version 1507, Windows 10 Mobile, version 1507

Certified against the Protection Profile for Mobile Device Fundamentals.

Windows 10, version 1507

Certified against the Protection Profile for IPsec Virtual Private Network (VPN) Clients.

Windows 8.1 with Surface 3, Windows Phone 8.1 with Lumia 635 and Lumia 830

Certified against the Protection Profile for Mobile Device Fundamentals.

Surface Pro 3, Windows 8.1

Certified against the Protection Profile for Mobile Device Fundamentals.

Windows 8.1, Windows Phone 8.1

Certified against the Protection Profile for Mobile Device Fundamentals.

Windows 8, Windows Server 2012

Certified against the Protection Profile for General Purpose Operating Systems.

Windows 8, Windows RT

Certified against the Protection Profile for General Purpose Operating Systems.

Windows 8, Windows Server 2012 BitLocker

Certified against the Protection Profile for Full Disk Encryption.

Windows 8, Windows RT, Windows Server 2012 IPsec VPN Client

Certified against the Protection Profile for IPsec Virtual Private Network (VPN) Clients.

Windows 7, Windows Server 2008 R2

Certified against the Protection Profile for General Purpose Operating Systems.

Microsoft Windows Server 2008 R2 Hyper-V Role
Windows Vista, Windows Server 2008 at EAL4+
Windows Vista, Windows Server 2008 at EAL1
Microsoft Windows Server 2008 Hyper-V Role
Windows Server 2003 Certificate Server
Windows Rights Management Services