7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.274 Low
EPSS
Percentile
96.7%
07/27/2017
Critical
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code and obtain sensitive information.
Microsoft Office 2010 Click-to-Run
Microsoft Office 2013 Click-to-Run
Microsoft Office 2016 Click-to-Run
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2010 Service Pack 2
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1
Microsoft Outlook 2016
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2017-8571
CVE-2017-8663
CVE-2017-8572
CVE-2017-8572
CVE-2017-8663
ACE
CVE-2017-85716.8High
CVE-2017-85724.3Warning
CVE-2017-86639.3Critical
support.microsoft.com/kb/2956078
support.microsoft.com/kb/3213643
support.microsoft.com/kb/4011052
support.microsoft.com/kb/4011078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8571
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8663
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8571
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8572
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8572
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8663
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8663
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.274 Low
EPSS
Percentile
96.7%