{"_type": "sec_certs.sample.fips.FIPSCertificate", "dgst": "033581b0970477af", "cert_id": 4512, "web_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.WebData", "module_name": "Secure Kernel Code Integrity", "validation_history": [{"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry", "date": "2023-05-05", "validation_type": "Initial", "lab": "Leidos Accredited Testing & Evaluation (AT&E) Lab"}], "vendor_url": "http://www.microsoft.com", "vendor": "Microsoft Corporation", "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf", "module_type": "Software", "standard": "FIPS 140-2", "status": "active", "level": 1, "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #4339 operating in FIPS mode, Windows Resume validated to FIPS 140-2 under Cert. #4348 operating in FIPS mode, or TCB Launcher validated to FIPS 140-2 under Cert. #4457 operating in FIPS mode", "exceptions": ["Physical Security: N/A", "Design Assurance: Level 2"], "embodiment": "Multi-Chip Stand Alone", "description": "Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed.", "tested_conf": ["Windows 10 Education May 2019 Update (x64) running on a Microsoft Surface Laptop 2 with an Intel Core i5-8350U with PAA [1]", "Windows 10 Education May 2020 Update (x64) running on a Microsoft Surface Go with an Intel Pentium Gold 4415Y with PAA [3]", "Windows 10 Education November 2019 Update (x64) running on a Microsoft Surface Go with an Intel Pentium Gold 4415Y with PAA [2]", "Windows 10 Enterprise May 2019 Update (x64) running on a Dell Latitude 5290 with an Intel Core i7-8650U with PAA [1]", "Windows 10 Enterprise May 2019 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7-8650U with PAA [1]", "Windows 10 Enterprise May 2019 Update (x64) running on a Microsoft Surface Laptop 2 with an Intel Core i5-8350U with PAA [1]", "Windows 10 Enterprise May 2019 Update (x64) running on a Microsoft Surface Pro 6 with an Intel Core i5-8250U with PAA [1]", "Windows 10 Enterprise May 2019 Update (x64) running on a Microsoft Surface Studio 2 with an Intel Core i7-7820HQ with PAA [1]", "Windows 10 Enterprise May 2019 Update (x64) running on a Samsung Galaxy Book 12\" with an Intel Core i5-7200 with PAA [1]", "Windows 10 Enterprise May 2019 Update (x64) running on an HP EliteBook x360 830 G5 with an Intel Core i5-8350U with PAA [1]", "Windows 10 Enterprise May 2020 Update (ARM64) running on a Microsoft Surface Pro X with a Microsoft SQ1 with PAA [3]", "Windows 10 Enterprise May 2020 Update (x64) running on a Dell Latitude 5300 2-in-1 with an Intel Core i7-8665U with PAA [3]", "Windows 10 Enterprise May 2020 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7-8650U with PAA [3]", "Windows 10 Enterprise May 2020 Update (x64) running on a Microsoft Surface Go 2 LTE with an Intel Pentium Gold 4425y with PAA [3]", "Windows 10 Enterprise May 2020 Update (x64) running on a Microsoft Surface Pro 6 with an Intel Core i7-8650U with PAA [3]", "Windows 10 Enterprise May 2020 Update (x64) running on a Microsoft Surface Pro 7 with an Intel Core i3-1005G1 with PAA [3]", "Windows 10 Enterprise May 2020 Update (x64) running on a Panasonic Toughbook FZ 55 with an Intel Core i5-8365U with PAA [3]", "Windows 10 Enterprise May 2020 Update (x64) running on an HP EliteBook x360 830 G6 with an Intel Core i7-8565U with PAA [3]", "Windows 10 Enterprise November 2019 Update (x64) running on a Dell Latitude 5300 2-in-1 with an Intel Core i7-8665U with PAA [2]", "Windows 10 Enterprise November 2019 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7-8650U with PAA [2]", "Windows 10 Enterprise November 2019 Update (x64) running on a Microsoft Surface Go LTE with an Intel Pentium Gold 4415Y with PAA [2]", "Windows 10 Enterprise November 2019 Update (x64) running on a Microsoft Surface Laptop 3 with an Intel Core i5-1035G7 with PAA [2]", "Windows 10 Enterprise November 2019 Update (x64) running on a Microsoft Surface Pro 6 with an Intel Core i5-8250U with PAA [2]", "Windows 10 Enterprise November 2019 Update (x64) running on a Panasonic Toughbook CF-33 with an Intel Core i5-7300U with PAA [2]", "Windows 10 Enterprise November 2019 Update (x64) running on a Samsung Galaxy Book 12\" with an Intel Core i5-7200 with PAA [2]", "Windows 10 Enterprise November 2019 Update (x64) running on an HP EliteBook x360 830 G6 with an Intel Core i7-8565U with PAA [2]", "Windows 10 Pro May 2019 Update (x64) running on a Dell Latitude 12 Rugged Tablet with an Intel Core i5-8350U with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7-8650U with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on a Microsoft Surface Go with an Intel Pentium Gold 4415Y with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on a Microsoft Surface Laptop 2 with an Intel Core i5-8350U with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on a Microsoft Surface Pro 6 with an Intel Core i5-8250U with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on a Panasonic Toughbook CF-33 with an Intel Core i5-7300U with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on a Samsung Galaxy Book 10.6\" with an Intel Core m3-7Y30 with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on an HP Slimline Desktop with an Intel Pentium J4205 with PAA [1]", "Windows 10 Pro May 2019 Update (x64) running on an HP ZBook 15 G5 with an Intel Core i5-8400H with PAA [1]", "Windows 10 Pro May 2020 Update (x64) running on a Dell Latitude 7200 2-in-1 with an Intel Core i7-8665U with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on a Dynabook TECRA-X50-F with an Intel Core i7-8565U with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on a Microsoft Surface Go 2 with an Intel Core m3-8100Y with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on a Microsoft Surface Go LTE with an Intel Core i7-8665U with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on a Microsoft Surface Laptop 2 with an Intel Core i5-8350U with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on a Microsoft Surface Laptop 3 with an Intel Core i5-1035G7 with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5-7300U with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on a Microsoft Surface Studio 2 with an Intel Core i7-7820HQ with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on an HP ProBook 650 G5 with an Intel Core i7-8665U with PAA [3]", "Windows 10 Pro May 2020 Update (x64) running on an HP ZBook 15 G6 with an Intel Core i7-9850H with PAA [3]", "Windows 10 Pro May 2020 Update (x86) running on a Dell Inspiron 660s with an Intel Core i3-2120 without PAA [3]", "Windows 10 Pro November 2019 Update (x64) running on a Dell Latitude 7200 2-in-1 with an Intel Core i7-8665U with PAA [2]", "Windows 10 Pro November 2019 Update (x64) running on a Microsoft Surface Laptop 2 with an Intel Core i5-8350U with PAA [2]", "Windows 10 Pro November 2019 Update (x64) running on a Microsoft Surface Pro 7 with an Intel Core m3-7Y30 with PAA [2]", "Windows 10 Pro November 2019 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5-7300U with PAA [2]", "Windows 10 Pro November 2019 Update (x64) running on a Microsoft Surface Studio 2 with an Intel Core i7-7820HQ with PAA [2]", "Windows 10 Pro November 2019 Update (x64) running on a Samsung Galaxy Book 10.6\" with an Intel Core m3-7Y30 with PAA [2]", "Windows 10 Pro November 2019 Update (x64) running on an HP ProBook 650 G5 with an Intel Core i7-8665U with PAA [2]", "Windows 10 Pro November 2019 Update (x86) running on a Dell Inspiron 660s with an Intel Core i3-2120 without PAA [2]", "Windows Server Core (x64) on Hyper-V on Microsoft Windows Server 2016 running on a Dell PowerEdge R7425 with an AMD EPYC 7251 with PAA [1]", "Windows Server Core (x64) on Hyper-V on Microsoft Windows Server 2019 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 with PAA [1]", "Windows Server Core (x64) running on a Dell PowerEdge R7425 with an AMD EPYC 7251 with PAA [1]", "Windows Server Core Datacenter May 2020 Update (x64) on Hyper-V on Microsoft Windows Server 2019 running on a Dell Precision 5810 with an Intel Xeon E5-1620 v3 with PAA [3]", "Windows Server Core Datacenter May 2020 Update (x64) running on a Dell PowerEdge R640 with an Intel Xeon Gold 6230 with PAA [3]", "Windows Server Core Datacenter May 2020 Update (x64) running on a Dell PowerEdge R740 with an Intel Xeon Platinum 8268 with PAA [3]", "Windows Server Core May 2020 Update (x64) on Hyper-V Microsoft Windows Server 2016 running on a Dell PowerEdge R740 with an Intel Xeon Platinum 8268 with PAA [3]", "Windows Server Core May 2020 Update (x64) on Hyper-V on Microsoft Windows Server 2019 running on a Dell Precision 5810 with an Intel Xeon E5-1620 v3 with PAA [3]", "Windows Server Core May 2020 Update (x64) running on a Dell PowerEdge R7515 with an AMD EPYC 7702P with PAA [3]", "Windows Server Datacenter Core (x64) on Hyper-V on Microsoft Windows Server 2019 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 with PAA [1]", "Windows Server Datacenter Core (x64) running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 with PAA [1]", "Windows Server Datacenter November 2019 Update (x64) on Hyper-V on Microsoft Windows Server 2019 on Dell PowerEdge R740 with an Intel Xeon Platinum 8268 with PAA [2]", "Windows Server Datacenter November 2019 Update (x64) running on a Dell PowerEdge R740 with an Intel Xeon Platinum 8268 with PAA [2]", "Windows Server November 2019 Update (x64) on Hyper-V on Microsoft Windows Server 2016 on Dell PowerEdge R7425 with an AMD EPYC 7251 with PAA [2]", "Windows Server November 2019 Update (x64) running on a Dell PowerEdge R7425 with an AMD EPYC 7251 with PAA [2] (single-user mode)"], "hw_versions": null, "fw_versions": null, "sw_versions": "10.0.18362[1], 10.0.18363[2] and 10.0.19041[3]", "mentioned_certs": {"4339": 1, "4348": 1, "4457": 1}, "historical_reason": null, "date_sunset": "2026-09-21", "revoked_reason": null, "revoked_link": null}, "pdf_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData", "keywords": {"fips_cert_id": {"Cert": {"#4339": 3, "#4348": 3, "#4457": 2}}, "fips_security_level": {}, "fips_certlike": {"Certlike": {"SHA-256": 16, "SHA-1": 5, "SHA-384": 2, "SHA- 512": 1, "SHA- 384": 1, "SHA-512": 4, "SHA1": 2, "SHA-2": 2, "SHA2": 1, "RSA PKCS#1": 8, "PKCS#1": 10, "AES CBC 128 and 256": 3}}, "vendor": {"Samsung": {"Samsung": 4}, "Microsoft": {"Microsoft Corporation": 29, "Microsoft": 55}}, "eval_facility": {}, "symmetric_crypto": {"AES_competition": {"AES": {"AES": 8}}}, "asymmetric_crypto": {}, "pq_crypto": {}, "hash_function": {"SHA": {"SHA1": {"SHA-1": 5, "SHA1": 2}, "SHA2": {"SHA-256": 16, "SHA-384": 2, "SHA-512": 4, "SHA-2": 2, "SHA2": 1}}}, "crypto_scheme": {}, "crypto_protocol": {"TLS": {"SSL": {"SSL": 2}}}, "randomness": {}, "cipher_mode": {"CBC": {"CBC": 3}, "XTS": {"XTS": 3}}, "ecc_curve": {}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "device_model": {}, "tee_name": {}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {"FIPS": {"FIPS 140": 4, "FIPS 140-2": 6, "FIPS 186-4": 8, "FIPS 180-4": 8, "FIPS 197": 3}, "NIST": {"NIST SP 800-38E": 3}, "PKCS": {"PKCS#1": 9}}, "javacard_version": {}, "javacard_api_const": {}, "javacard_packages": {}, "certification_process": {}}, "policy_metadata": {"pdf_file_size_bytes": 649986, "pdf_is_encrypted": false, "pdf_number_of_pages": 26, "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId": "72f988bf-86f1-41af-91ab-2d7cd011db47", "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method": "Standard", "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled": "True", "/Title": "Microsoft Security Policy Document", "/Author": "Microsoft Corporation", "/Subject": "FIPS Certification", "/Creator": "Microsoft\u00ae Word for Microsoft 365", "/CreationDate": "D:20230419145653-07'00'", "/ModDate": "D:20230419145653-07'00'", "/Producer": "Microsoft\u00ae Word for Microsoft 365", "pdf_hyperlinks": {"_type": "Set", "elements": ["https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4457", "http://creativecommons.org/licenses/by-nd-nc/1.0/", "https://www.microsoft.com/en-us/howtotell/default.aspx", "https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation", "https://www.microsoft.com/en-us/windows", "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4348", "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4339"]}}}, "heuristics": {"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics", "algorithms": {"_type": "Set", "elements": ["RSA#C1367", "AES#C1897", "RSA#C785", "RSA#C1947", "AES#C785", "RSA#C1363", "RSA#C795", "SHS#C1363", "SHS#C785", "AES#C1363", "RSA#C1897", "SHS#C1897"]}, "extracted_versions": {"_type": "Set", "elements": ["-"]}, "cpe_matches": null, "verified_cpe_matches": null, "related_cves": null, "policy_prunned_references": {"_type": "Set", "elements": ["4348", "4339", "4457"]}, "module_prunned_references": {"_type": "Set", "elements": ["4348", "4457", "4339"]}, "policy_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": {"_type": "Set", "elements": ["4538", "4825", "4536", "4537"]}, "indirectly_referenced_by": {"_type": "Set", "elements": ["4825", "4536", "4537", "4538"]}, "directly_referencing": {"_type": "Set", "elements": ["4348", "4457", "4339"]}, "indirectly_referencing": {"_type": "Set", "elements": ["4348", "4457", "3923", "4339"]}}, "module_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": {"_type": "Set", "elements": ["4538", "4825", "4536", "4537"]}, "indirectly_referenced_by": {"_type": "Set", "elements": ["4825", "4536", "4537", "4538"]}, "directly_referencing": {"_type": "Set", "elements": ["4348", "4339", "4457"]}, "indirectly_referencing": {"_type": "Set", "elements": ["4348", "4339", "3923", "4457"]}}, "direct_transitive_cves": null, "indirect_transitive_cves": null}, "state": {"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState", "module_download_ok": true, "policy_download_ok": true, "policy_convert_ok": true, "module_extract_ok": true, "policy_extract_ok": true, "policy_pdf_hash": "90a049747fc649d2bee7f798b99340dc4c77286cab59bf8350587deb77c61778", "policy_txt_hash": "8b03a14c4f38b451d1c44c9a287f50c20e8039dfd119ccab08814d897257b8c4", "policy_json_hash": null}}