7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
09/12/2017
Critical
An improper validation of untrusted input was found in Microsoft .NET Framework. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document or application.
Microsoft .NET Framework 4.7
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.6.1
Microsoft .NET Framework 4.6.2
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
ACE
CVE-2017-87599.3Critical
4038788
4038782
4038783
4038781
4040955
4040956
4040957
4040958
4040959
4040960
4040964
4040965
4040966
4040967
4040971
4040972
4040973
4040974
4040975
4040977
4040978
4040979
4040980
4040981
This vulnerability can be exploited by the following malware:
support.microsoft.com/kb/4038781
support.microsoft.com/kb/4038782
support.microsoft.com/kb/4038783
support.microsoft.com/kb/4038788
support.microsoft.com/kb/4040955
support.microsoft.com/kb/4040956
support.microsoft.com/kb/4040957
support.microsoft.com/kb/4040958
support.microsoft.com/kb/4040959
support.microsoft.com/kb/4040960
support.microsoft.com/kb/4040964
support.microsoft.com/kb/4040965
support.microsoft.com/kb/4040966
support.microsoft.com/kb/4040967
support.microsoft.com/kb/4040971
support.microsoft.com/kb/4040972
support.microsoft.com/kb/4040973
support.microsoft.com/kb/4040974
support.microsoft.com/kb/4040975
support.microsoft.com/kb/4040977
support.microsoft.com/kb/4040978
support.microsoft.com/kb/4040979
support.microsoft.com/kb/4040980
support.microsoft.com/kb/4040981
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8759
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%