8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.196 Low
EPSS
Percentile
96.2%
12/12/2017
Critical
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges.
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft Office 2016 for Mac
Microsoft SharePoint Enterprise Server 2016
Microsoft Word 2007 Service Pack 3
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
ADV170021
CVE-2017-11934
CVE-2017-11935
CVE-2017-11936
CVE-2017-11939
ACE
CVE-2017-119344.3Warning
CVE-2017-119359.3Critical
CVE-2017-119366.5High
CVE-2017-119394.0Warning
4011095
4011277
4011575
4011576
4011590
4011608
4011612
4011614
4011602
4011605
4011627
4011660
4011639
4011606
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
support.microsoft.com/kb/4011095
support.microsoft.com/kb/4011277
support.microsoft.com/kb/4011575
support.microsoft.com/kb/4011576
support.microsoft.com/kb/4011590
support.microsoft.com/kb/4011602
support.microsoft.com/kb/4011605
support.microsoft.com/kb/4011606
support.microsoft.com/kb/4011608
support.microsoft.com/kb/4011612
support.microsoft.com/kb/4011614
support.microsoft.com/kb/4011627
support.microsoft.com/kb/4011639
support.microsoft.com/kb/4011660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11934
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11935
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11936
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11939
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170021
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11934
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11935
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11936
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11939
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
threats.kaspersky.com/en/product/Microsoft-Word/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.196 Low
EPSS
Percentile
96.2%