8.2 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.939 High
EPSS
Percentile
99.1%
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
Technical details
To mitigate vulnerability (2) access to VBScript.dll and JScript.dll can be restricted. For further details look at original advisory.
Public exploits exist for this vulnerability.
CVE-2015-6064 critical
CVE-2015-6078 critical
CVE-2015-6088 warning
CVE-2015-6073 critical
CVE-2015-6087 critical
CVE-2015-6066 critical
CVE-2015-6068 critical
CVE-2015-6065 critical
CVE-2015-6071 critical
CVE-2015-6072 critical
CVE-2015-6069 critical
CVE-2015-6070 critical
CVE-2015-6074 critical
CVE-2015-6086 warning
CVE-2015-6077 critical
CVE-2015-6082 critical
CVE-2015-6081 critical
CVE-2015-6080 critical
CVE-2015-6079 critical
CVE-2015-6076 critical
CVE-2015-6075 critical
CVE-2015-2427 critical
CVE-2015-6089 critical
CVE-2015-6085 critical
CVE-2015-6084 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/3100773
support.microsoft.com/kb/3104517
support.microsoft.com/kb/3105211
support.microsoft.com/kb/3105213
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2427
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6064
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6065
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6066
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6068
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6069
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6070
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6071
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6072
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6073
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6074
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6075
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6076
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6077
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6078
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6079
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6080
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6081
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6082
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6084
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6085
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6086
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6087
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6088
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6089
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/