9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.262 Low
EPSS
Percentile
96.7%
07/10/2018
Critical
Multiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, bypass security restrictions, gain privileges.
.NET Core 2.0
ASP.NET Core 1.1
ASP.NET Core 1.0
ASP.NET Core 2.0
ASP.NET Web Pages 3.2.3
ASP.NET MVC 5.2
Microsoft Visual Studio 2015 Update 3
Microsoft Visual Studio 2017
Microsoft Visual Studio 2013 Update 5
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2012 Update 5
Expression Blend 4 Service Pack 3
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 4.7.2
Microsoft .NET Framework 4.6/4.6.1/4.6.2
Microsoft .NET Framework 4.7/4.7.1/4.7.2
.NET Framework 4.7.2 Developer Pack
Web Customizations for Active Directory Federation Services
PowerShell Extension for Visual Studio Code
PowerShell Editor Services
.NET Core 1.1
.NET Core 1.0
Expression Blend 3 Service Pack 1
Microsoft Research JavaScript Cryptography Library V1.4
Microsoft .NET Framework 4.7.1/4.7.2
PowerShell Core 6.0
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
Expression Blend 2 Service Pack 2
PowerShell Core 6.1
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2018-8232
CVE-2018-8202
CVE-2018-8284
CVE-2018-8171
CVE-2018-8260
CVE-2018-8319
CVE-2018-8326
CVE-2018-8172
CVE-2018-8356
CVE-2018-8327
ACE
CVE-2018-83562.1Warning
CVE-2018-83197.5Critical
CVE-2018-83263.5Warning
CVE-2018-82027.2High
CVE-2018-81729.3Critical
CVE-2018-82606.8High
CVE-2018-81715.0Warning
CVE-2018-82324.6Warning
CVE-2018-82849.3Critical
4338825
4338814
4338829
4338819
4338826
4345421
4345419
4345455
4345420
4345418
4338420
4338611
4338604
4338415
4338421
4338422
4338416
4338601
4336919
4338613
4338418
4338424
4338419
4338417
4339279
4336986
4338600
4338612
4336999
4338606
4336946
4338602
4338605
4338423
4342193
4338610
4342192
4342191
4346877
4344151
4344146
4343909
4344166
4344177
4344178
4344147
4344148
4343885
4344172
4344144
4343887
4344149
4344175
4344165
4344167
4343892
4344153
4344150
4344152
4344176
4344171
4344173
4344145
4343897
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
support.microsoft.com/kb/4336919
support.microsoft.com/kb/4336946
support.microsoft.com/kb/4336986
support.microsoft.com/kb/4336999
support.microsoft.com/kb/4338415
support.microsoft.com/kb/4338416
support.microsoft.com/kb/4338417
support.microsoft.com/kb/4338418
support.microsoft.com/kb/4338419
support.microsoft.com/kb/4338420
support.microsoft.com/kb/4338421
support.microsoft.com/kb/4338422
support.microsoft.com/kb/4338423
support.microsoft.com/kb/4338424
support.microsoft.com/kb/4338600
support.microsoft.com/kb/4338601
support.microsoft.com/kb/4338602
support.microsoft.com/kb/4338604
support.microsoft.com/kb/4338605
support.microsoft.com/kb/4338606
support.microsoft.com/kb/4338610
support.microsoft.com/kb/4338611
support.microsoft.com/kb/4338612
support.microsoft.com/kb/4338613
support.microsoft.com/kb/4338814
support.microsoft.com/kb/4338819
support.microsoft.com/kb/4338825
support.microsoft.com/kb/4338826
support.microsoft.com/kb/4338829
support.microsoft.com/kb/4339279
support.microsoft.com/kb/4342191
support.microsoft.com/kb/4342192
support.microsoft.com/kb/4342193
support.microsoft.com/kb/4343885
support.microsoft.com/kb/4343887
support.microsoft.com/kb/4343892
support.microsoft.com/kb/4343897
support.microsoft.com/kb/4343909
support.microsoft.com/kb/4344144
support.microsoft.com/kb/4344145
support.microsoft.com/kb/4344146
support.microsoft.com/kb/4344147
support.microsoft.com/kb/4344148
support.microsoft.com/kb/4344149
support.microsoft.com/kb/4344150
support.microsoft.com/kb/4344151
support.microsoft.com/kb/4344152
support.microsoft.com/kb/4344153
support.microsoft.com/kb/4344165
support.microsoft.com/kb/4344166
support.microsoft.com/kb/4344167
support.microsoft.com/kb/4344171
support.microsoft.com/kb/4344172
support.microsoft.com/kb/4344173
support.microsoft.com/kb/4344175
support.microsoft.com/kb/4344176
support.microsoft.com/kb/4344177
support.microsoft.com/kb/4344178
support.microsoft.com/kb/4345418
support.microsoft.com/kb/4345419
support.microsoft.com/kb/4345420
support.microsoft.com/kb/4345421
support.microsoft.com/kb/4345455
support.microsoft.com/kb/4346877
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8171
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8172
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8202
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8232
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8260
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8284
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8319
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8326
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8356
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8171
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8172
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8202
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8232
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8260
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8284
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8319
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8326
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8327
msrc.microsoft.com/update-guide/vulnerability/CVE-2018-8356
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Active-Directory/
threats.kaspersky.com/en/product/Microsoft-ASP.NET-MVC/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.262 Low
EPSS
Percentile
96.7%