8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
03/14/2017
Critical
Multiple serious vulnerabilities have been found in Microsoft Server Message Block 1.0(SMBv1). Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information.
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Embedded Service Pack 3
Microsoft Windows Vista Service Pack 2
Microsoft Windows 7 Service Pack 1
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows RT 8.1
Microsoft Windows 10
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Customer Guidance for WannaCrypt attacks
Securelist
MS17-010
CVE-2017-0143
CVE-2017-0144
CVE-2017-0145
CVE-2017-0146
CVE-2017-0147
CVE-2017-0148
ACE
CVE-2017-01438.1Critical
CVE-2017-01448.1Critical
CVE-2017-01458.1Critical
CVE-2017-01468.1Critical
CVE-2017-01475.9High
CVE-2017-01488.1Critical
4012217
4012215
4012216
4012606
4013198
4013429
4012212
4012214
4012213
4012598
This vulnerability can be exploited by the following malware:
support.microsoft.com/kb/4012212
support.microsoft.com/kb/4012213
support.microsoft.com/kb/4012214
support.microsoft.com/kb/4012215
support.microsoft.com/kb/4012216
support.microsoft.com/kb/4012217
support.microsoft.com/kb/4012598
support.microsoft.com/kb/4012606
support.microsoft.com/kb/4013198
support.microsoft.com/kb/4013429
blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0145
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0146
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0147
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0148
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0143
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0145
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0146
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0147
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0148
securelist.com/blog/incidents/78351/wannacry-ransomware-used-in-widespread-attacks-all-over-the-world/
securelist.com/blog/incidents/78351/wannacry-ransomware-used-in-widespread-attacks-all-over-the-world/
statistics.securelist.com/vulnerability-scan/month
technet.microsoft.com/en-us/library/security/ms17-010.aspx
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2003/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Microsoft-Windows-XP/
threats.kaspersky.com/en/product/Windows-RT/
threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2017-0147.sa.leak/
threats.kaspersky.com/en/threat/Intrusion.Win.EternalRomance/
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%