10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
8.8 High
AI Score
Confidence
High
0.975 High
EPSS
Percentile
100.0%
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2017-8543 critical
CVE-2017-0284 warning
CVE-2017-8479 warning
CVE-2017-0299 warning
CVE-2017-8485 warning
CVE-2017-0193 critical
CVE-2017-8478 warning
CVE-2017-8488 warning
CVE-2017-8528 critical
CVE-2017-8475 warning
CVE-2017-8476 warning
CVE-2017-8470 warning
CVE-2017-8464 critical
CVE-2017-8480 warning
CVE-2017-8489 warning
CVE-2017-0285 warning
CVE-2017-0300 warning
CVE-2017-8534 high
CVE-2017-8491 warning
CVE-2017-8471 warning
CVE-2017-8477 warning
CVE-2017-8462 warning
CVE-2017-0294 critical
CVE-2017-8472 warning
CVE-2017-8482 warning
CVE-2017-8492 warning
CVE-2017-8490 warning
CVE-2017-8483 warning
CVE-2017-0283 critical
CVE-2017-8484 warning
CVE-2017-8481 warning
CVE-2017-0282 warning
CVE-2017-0260 critical
CVE-2017-8469 high
CVE-2017-0297 warning
CVE-2017-0296 critical
CVE-2017-8473 warning
CVE-2017-8517 critical
CVE-2017-8519 critical
CVE-2017-8529 high
CVE-2017-0286 warning
CVE-2017-0287 warning
CVE-2017-0288 warning
CVE-2017-0289 warning
CVE-2017-8527 critical
CVE-2017-8531 high
CVE-2017-8532 high
CVE-2017-8533 high
CVE-2017-0298 high
CVE-2017-8544 high
CVE-2017-8553 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/3217845
support.microsoft.com/kb/4018106
support.microsoft.com/kb/4021558
support.microsoft.com/kb/4021903
support.microsoft.com/kb/4021923
support.microsoft.com/kb/4022008
support.microsoft.com/kb/4022010
support.microsoft.com/kb/4022013
support.microsoft.com/kb/4022719
support.microsoft.com/kb/4022722
support.microsoft.com/kb/4022883
support.microsoft.com/kb/4022884
support.microsoft.com/kb/4022887
support.microsoft.com/kb/4024402
support.microsoft.com/kb/4034664
support.microsoft.com/kb/4034679
support.microsoft.com/kb/4034741
support.microsoft.com/kb/4036586
support.microsoft.com/kb/4503269
support.microsoft.com/kb/4503292
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0193
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0260
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0282
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0283
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0284
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0285
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0286
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0287
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0288
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0289
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0294
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0296
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0297
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0298
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0299
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0300
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8462
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8464
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8469
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8470
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8471
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8472
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8473
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8475
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8476
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8477
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8478
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8479
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8480
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8481
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8482
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8483
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8484
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8485
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8488
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8489
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8490
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8491
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8492
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8517
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8519
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8527
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8528
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8529
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8531
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8532
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8533
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8534
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8543
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8544
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8553
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Lync-2010-Attendee/
threats.kaspersky.com/en/product/Microsoft-Lync/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Silverlight/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Microsoft-Word/
threats.kaspersky.com/en/product/Windows-RT/
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
8.8 High
AI Score
Confidence
High
0.975 High
EPSS
Percentile
100.0%