So, if a product is ISO 15408 (Common Criteria) certified, does that mean it is very secure? Take Microsoft Windows 2000 as an example. It is an ISO 15408 certified product, yet Microsoft still publishes regular security patches for vulnerabilities in Windows 2000. Both can be true because the ISO 15408 certification process allows a vendor to make certain assumptions about the operating environment and about the strength of the threats, if any, that the product faces in that environment. The product's claimed security functions are then evaluated against those assumptions. Windows 2000 should therefore be considered secure only under the assumed, specified circumstances that Microsoft defined, also known as the evaluated configuration.

Whether or not you run Windows 2000 in that precise evaluated configuration, you should apply Microsoft's security patches for Windows 2000 as they continue to appear. If any of these vulnerabilities are exploitable in the evaluated configuration itself, the vendor should voluntarily withdraw the product's ISO 15408 certification. Alternatively, the vendor should re-evaluate the product with the patches applied, so that the fixes for those vulnerabilities become part of the evaluated configuration.