9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code, gain privileges.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Microsoft-Office-Professional-Plus-2010
CVE-2019-0540 warning
CVE-2019-0670 high
CVE-2019-0675 critical
CVE-2019-0668 high
CVE-2019-0673 critical
CVE-2019-0604 critical
CVE-2019-0669 warning
CVE-2019-0672 critical
CVE-2019-0674 critical
CVE-2019-0594 high
CVE-2019-0671 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4018294
support.microsoft.com/kb/4018300
support.microsoft.com/kb/4018313
support.microsoft.com/kb/4092465
support.microsoft.com/kb/4461597
support.microsoft.com/kb/4461607
support.microsoft.com/kb/4461608
support.microsoft.com/kb/4461630
support.microsoft.com/kb/4462115
support.microsoft.com/kb/4462138
support.microsoft.com/kb/4462139
support.microsoft.com/kb/4462143
support.microsoft.com/kb/4462146
support.microsoft.com/kb/4462154
support.microsoft.com/kb/4462155
support.microsoft.com/kb/4462171
support.microsoft.com/kb/4462174
support.microsoft.com/kb/4462177
support.microsoft.com/kb/4462184
support.microsoft.com/kb/4462186
support.microsoft.com/kb/4462199
support.microsoft.com/kb/4462202
support.microsoft.com/kb/4462211
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0594
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0669
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0670
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0671
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0672
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0673
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0674
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0675
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office-Professional-Plus-2010/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%