7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
09/09/2016
Critical
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Windows Vista Service Pack 2
Windows 7 Service Pack 1
Windows Server 2008 Service Pack 2
Windows Server 2008 R2 Service Pack 1
Windows Server 2012
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 Service Pack 1
Microsoft Office 2016
Microsoft OneNote 2007 Service Pack 3
Microsoft OneNote 2010 Service Pack 2
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Microsoft Security Update Guide
CVE-2017-0197
CVE-2017-0199
ACE
CVE-2017-01977.8Critical
CVE-2017-01997.8Critical
4015549
4015551
4015548
3191829
2589382
4015546
3141529
3141538
3178710
4014793
3178703
This vulnerability can be exploited by the following malware:
support.microsoft.com/kb/2589382
support.microsoft.com/kb/3141529
support.microsoft.com/kb/3141538
support.microsoft.com/kb/3178703
support.microsoft.com/kb/3178710
support.microsoft.com/kb/3191829
support.microsoft.com/kb/4014793
support.microsoft.com/kb/4015546
support.microsoft.com/kb/4015548
support.microsoft.com/kb/4015549
support.microsoft.com/kb/4015551
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0197
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0199
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0197
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/
threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/
threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/
threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%