8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.1%
12/13/2022
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information.
Public exploits exist for this vulnerability.
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2022-44668
CVE-2022-41121
CVE-2022-41094
CVE-2022-44667
CVE-2022-41076
CVE-2022-44676
CVE-2022-44678
CVE-2022-44681
CVE-2022-44697
CVE-2022-44670
CVE-2022-44666
CVE-2022-41077
CVE-2022-44673
CVE-2022-44675
CVE-2022-41074
CVE-2022-44707
CVE-2022-44682
CVE-2022-44680
CVE-2022-44679
CVE-2022-44683
ADV220005
ACE
CVE-2022-446687.8Critical
CVE-2022-411217.8Critical
CVE-2022-410947.8Critical
CVE-2022-446837.8Critical
CVE-2022-410768.5Critical
CVE-2022-446768.1Critical
CVE-2022-446677.8Critical
CVE-2022-446787.8Critical
CVE-2022-446826.8High
CVE-2022-446817.8Critical
CVE-2022-446977.8Critical
CVE-2022-446708.1Critical
CVE-2022-446667.8Critical
CVE-2022-447076.5High
CVE-2022-410777.8Critical
CVE-2022-446737.0High
CVE-2022-446757.8Critical
CVE-2022-446796.5High
CVE-2022-410745.5High
CVE-2022-446807.8Critical
5021294
5021285
5021303
5021296
5021293
5021291
5021289
5021288
5022348
5022352
5022343
5022346
5022338
5022353
5022340
5022339
support.microsoft.com/kb/5021285
support.microsoft.com/kb/5021288
support.microsoft.com/kb/5021289
support.microsoft.com/kb/5021291
support.microsoft.com/kb/5021293
support.microsoft.com/kb/5021294
support.microsoft.com/kb/5021296
support.microsoft.com/kb/5021303
support.microsoft.com/kb/5022338
support.microsoft.com/kb/5022339
support.microsoft.com/kb/5022340
support.microsoft.com/kb/5022343
support.microsoft.com/kb/5022346
support.microsoft.com/kb/5022348
support.microsoft.com/kb/5022352
support.microsoft.com/kb/5022353
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41074
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41094
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44670
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44673
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44675
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44676
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44678
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44679
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44680
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44681
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44682
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44683
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44697
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44707
msrc.microsoft.com/update-guide/en-US/advisory/ADV220005
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41074
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41076
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41077
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41094
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41121
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44666
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44667
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44668
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44670
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44673
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44675
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44676
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44678
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44679
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44680
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44681
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44682
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44683
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44697
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44707
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.1%