7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.334 Low
EPSS
Percentile
97.0%
03/14/2017
Critical
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.
Microsoft Lync 2010 Attendee (admin level install)
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (32-bit)
Microsoft Lync 2010 Attendee (user level install)
Microsoft Lync Basic 2013 Service Pack 1 (32-bit)
Skype for Business 2016 Basic (64-bit)
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (x64-based)
Microsoft Lync Basic 2013 Service Pack 1 (64-bit)
Skype for Business 2016 (32-bit)
Microsoft Office Word Viewer
Microsoft Lync 2013 Service Pack 1 (32-bit)
Microsoft Live Meeting 2007 Console
Microsoft Live Meeting 2007 Add-in
Skype for Business 2016 (64-bit)
Microsoft Lync 2013 Service Pack 1 (64-bit)
Microsoft Silverlight 5 when installed on Microsoft Windows (32-bit)
Skype for Business 2016 Basic (32-bit)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Silverlight 5 when installed on Microsoft Windows (x64-based)
Microsoft Lync 2010 (64-bit)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Lync 2010 (32-bit)
Microsoft Office 2007 Service Pack 3
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2017-0073
CVE-2017-0014
CVE-2017-0108
CVE-2017-0060
ACE
CVE-2017-00147.6Critical
CVE-2017-00601.9Warning
CVE-2017-00734.3Warning
CVE-2017-01089.3Critical
3127945
3127958
3141535
3172539
3178653
3178656
3178688
3178693
4010299
4010300
4010301
4010303
4010304
The following public exploits exists for this vulnerability:
support.microsoft.com/kb/3127945
support.microsoft.com/kb/3127958
support.microsoft.com/kb/3141535
support.microsoft.com/kb/3172539
support.microsoft.com/kb/3178653
support.microsoft.com/kb/3178656
support.microsoft.com/kb/3178688
support.microsoft.com/kb/3178693
support.microsoft.com/kb/4010299
support.microsoft.com/kb/4010300
support.microsoft.com/kb/4010301
support.microsoft.com/kb/4010303
support.microsoft.com/kb/4010304
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0014
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0108
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0014
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0060
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0073
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0108
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Silverlight/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Microsoft-Word/
threats.kaspersky.com/en/product/Windows-RT/
www.exploit-db.com/exploits/41647
www.exploit-db.com/exploits/41656
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.334 Low
EPSS
Percentile
97.0%