4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
77.2%
06/10/2014
Warning
By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited from the network at a point related to MSXML via a specially designed website. It is caused by a missing property information restriction.
Windows Server 2003 SP2 x86, x64, for Itanium
Windows Vista SP2 x86, x64
Windows Server 2008 SP2 x86, x64, for Itanium
Windows 7 SP1 x86, x64
Windows Server 2008 R2 SP1 x64, for Itanium
Windows 8 x86, x64 Windows 8.1 x86, x64
Windows Server 2012, 2012 R2
Windows RT & Windows RT 8.1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
ACE
CVE-2014-18164.3Warning
support.microsoft.com/kb/2939576
support.microsoft.com/kb/2957482
support.microsoft.com/kb/2966061
support.microsoft.com/kb/2966631
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1816
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1816
statistics.securelist.com/vulnerability-scan/month
technet.microsoft.com/en-us/library/security/ms14-033.aspx
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/