9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.522 Medium
EPSS
Percentile
97.6%
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Below is a complete list of vulnerabilities:
Technical details
Vulnerability (2) can be triggered on stations with Outlook installed. To mitigate this vulnerability you can disable messages preview and disable HTML display in Outlook.
CVE-2015-6122 critical
CVE-2015-6118 critical
CVE-2015-6177 critical
CVE-2015-6124 critical
CVE-2015-6172 critical
CVE-2015-6040 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
support.microsoft.com/kb/3085528
support.microsoft.com/kb/3085549
support.microsoft.com/kb/3101532
support.microsoft.com/kb/3114342
support.microsoft.com/kb/3114382
support.microsoft.com/kb/3114403
support.microsoft.com/kb/3114415
support.microsoft.com/kb/3114422
support.microsoft.com/kb/3114425
support.microsoft.com/kb/3114431
support.microsoft.com/kb/3114433
support.microsoft.com/kb/3114457
support.microsoft.com/kb/3114458
support.microsoft.com/kb/3114479
support.microsoft.com/kb/3116111
support.microsoft.com/kb/3119517
support.microsoft.com/kb/3119518
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6040
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6118
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6122
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6124
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6172
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6177
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Office/