8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.197 Low
EPSS
Percentile
96.2%
02/13/2018
High
Multiple vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain priveleges and obtain sensitive information. Below is a complete list of vulnerabilities:
Microsoft SharePoint Enterprise Server 2016
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2010 Service Pack 2
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Outlook 2016 (32-bit edition)
Microsoft Outlook 2016 (64-bit edition)
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office Word Viewer
Microsoft Project Server 2013 Service Pack 1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2018-0850
CVE-2018-0851
CVE-2018-0852
CVE-2018-0853
CVE-2018-0864
CVE-2018-0869
CVE-2018-0841
ACE
CVE-2018-08504.3Warning
CVE-2018-08519.3Critical
CVE-2018-08529.3Critical
CVE-2018-08534.3Warning
CVE-2018-08643.5Warning
CVE-2018-08693.5Warning
CVE-2018-08419.3Critical
4011200
4011682
4011711
4011697
4011690
4011686
4011707
4011703
4011715
3172459
4011143
3114874
4011680
4011701
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
support.microsoft.com/kb/3114874
support.microsoft.com/kb/3172459
support.microsoft.com/kb/4011143
support.microsoft.com/kb/4011200
support.microsoft.com/kb/4011680
support.microsoft.com/kb/4011682
support.microsoft.com/kb/4011686
support.microsoft.com/kb/4011690
support.microsoft.com/kb/4011697
support.microsoft.com/kb/4011701
support.microsoft.com/kb/4011703
support.microsoft.com/kb/4011707
support.microsoft.com/kb/4011711
support.microsoft.com/kb/4011715
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0841
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0850
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0851
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0852
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0869
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0841
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0850
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0851
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0852
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0853
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0864
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0869
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.197 Low
EPSS
Percentile
96.2%