7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
04/11/2017
High
An unspecified vulnerability was found in the EPS (Encapsulated PostScript) filter in Microsoft Office. By exploiting this vulnerability malicious users can possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website or file.
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 Service Pack 1
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2016
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
ADV170005
Microsoft Security Advisory
CVE-2017-0197
CVE-2017-0199
ACE
CVE-2017-01977.8Critical
CVE-2017-01997.8Critical
3212218
3191829
2589382
3141529
3141538
3178710
3178703
3178702
This vulnerability can be exploited by the following malware:
support.microsoft.com/kb/2589382
support.microsoft.com/kb/3141529
support.microsoft.com/kb/3141538
support.microsoft.com/kb/3178702
support.microsoft.com/kb/3178703
support.microsoft.com/kb/3178710
support.microsoft.com/kb/3191829
support.microsoft.com/kb/3212218
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0197
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0199
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170005
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170005
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0197
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/
threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/
threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/
threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%