Elasticsearch

by Elasticv7.16.3

Last updated Jun 8, 2026

Elasticsearch is a distributed, RESTful search and analytics engine

Install with winget

$ winget install --id Elastic.Elasticsearch --exact --version 7.16.3

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Elasticsearch

Elasticsearch uses MSI (WiX). The silent install switches are /quiet /norestart.

One-line silent install (x64)

msiexec.exe /i elasticsearch-7.16.3.msi /quiet /norestart

See the full silent install reference for Elasticsearch →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

Elasticsearch is the distributed, RESTful search and analytics engine at the heart of the Elastic Stack.

You can use Elasticsearch to store, search, and manage data for:

• Logs

• Metrics

• A search backend

• Application monitoring

• Endpoint security

and more!

Installers · v7.16.3

Architecture	Type	Scope	Install	Download
x64	MSI WiX	-		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

25 known CVEs via NVD

medium4.9Fix in v8.19.8CVE-2025-68390affects before 8.19.8, 9.1.8, 9.2.2Dec 18, 2025
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Vendor advisory
medium6.5Fix in v8.19.9CVE-2025-68384affects before 8.19.9, 9.1.9, 9.2.3Dec 18, 2025
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial of service (OOM crash) via submission of oversized user settings data.
Vendor advisory
medium6.8Fix in v8.19.8CVE-2025-37731affects before 8.19.8, 9.1.8, 9.2.2Dec 15, 2025
Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.
Vendor advisory
medium5.7Fix in v8.18.8CVE-2025-37727affects before 8.18.8, 8.19.5, 9.0.8, 9.1.5Oct 9, 2025
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
Vendor advisory
medium6.5Fix in v7.17.25CVE-2024-52979affects before 7.17.25, 8.16.0May 1, 2025
Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search templates with Mustache functions can lead to Denial of Service by causing the Elasticsearch node to crash.
Patch Vendor advisory
medium4.9Patched in wingetCVE-2024-52981affects before 7.17.24, 8.15.1Apr 8, 2025
An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow.
Patch Vendor advisory
medium6.5Patched in wingetCVE-2024-52980affects before 8.15.1Apr 8, 2025
A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privi...
Patch Vendor advisory
medium6.5Patched in wingetCVE-2024-43709affects before 7.17.21, 8.13.3Jan 21, 2025
An allocation of resources without limits or throttling in Elasticsearch can lead to an OutOfMemoryError exception resulting in a crash via a specially crafted query using an SQL function.
Vendor advisory

Showing 8 of 25. Source: NVD, updated just now. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

Beats winlogbeatElastic
Elastic.Winlogbeatv9.4.2
Fetches and ships Windows Event logs
Beats packetbeatElastic
Elastic.Packetbeatv9.4.2
Monitors the network and applications by sniffing packets
Beats metricbeatElastic
Elastic.Metricbeatv9.4.2
Fetches sets of metrics from the operating system and services
Beats heartbeatElastic
Elastic.Heartbeatv9.4.2
Ping remote services for availability
Beats functionbeatElastic
Elastic.Functionbeatv8.17.3
Ship cloud data with serverless infrastructure.
Beats filebeatElastic
Elastic.Filebeatv9.4.2
Tails and ships log files

More from Elastic or browse search-engine.

Frequently asked questions

How do I install Elasticsearch on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Elastic.Elasticsearch --exact --version 7.16.3. winget downloads the installer from Elastic and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Elasticsearch silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Elastic.Elasticsearch --exact 7.16.3 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Elasticsearch?

Elasticsearch uses MSI (WiX). Run the downloaded installer with: msiexec.exe /i elasticsearch-7.16.3.msi /quiet /norestart. The silent switches are /quiet /norestart.

How do I uninstall Elasticsearch via winget?

Run: winget uninstall --id Elastic.Elasticsearch --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Elasticsearch's Apps & Features entry.

Is Elasticsearch free?

Elasticsearch is distributed under Dual licensed under the Elastic License and the Server Side Public License. Refer to the publisher (https://www.elastic.co/downloads/elasticsearch) for the full license terms - Wingetly itself does not charge for installation.

Does Elasticsearch work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Elasticsearch directly from the publisher.

How do I keep Elasticsearch up to date?

Run winget upgrade --id Elastic.Elasticsearch --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of Elasticsearch from microsoft/winget-pkgs.

Recent versions

7.16.3latest
7.16.2
7.15.1
7.14.2
7.14.1
7.14.0
7.13.4
7.13.3
7.13.2
7.13.1