8.3 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
0.311 Low
EPSS
Percentile
96.9%
03/10/2015
Critical
Lack of authentication control was found in Microsoft products. By exploiting this vulnerability malicious users execute arbitrary code. This vulnerability can be exploited remotely via a specially designed UNC share.
Windows Server 2003 x86, x64, Itanium-based Service Pack 2
Windows Vista x86, x64 Service Pack 2
Windows Server 2008 x86, x64, Itanium-based Service Pack 2
Windows 7 x86, x64 service Pack 1
Windows Server 2008 R2 x64, Itanium-based Service Pack 1
Windows 8 x86, x64
Windows 8.1 x86, x64
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
ACE
CVE-2015-00088.3Critical
support.microsoft.com/kb/3000483
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0008
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0008
statistics.securelist.com/vulnerability-scan/month
technet.microsoft.com/en-us/library/security/ms15-011.aspx
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2003/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Windows-RT/