4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
32.1%
Speculative store bypass vulnerability in Microsoft Windows systems can be exploited to bypass security restrictions.
On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre and Meltdown) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees.
On June 13, 2018, an additional vulnerability involving side channel speculative execution, known as Lazy FP State Restore, has been announced and assigned CVE-2018-3665.
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
support.microsoft.com/kb/4338815
support.microsoft.com/kb/4338816
support.microsoft.com/kb/4338820
support.microsoft.com/kb/4338824
support.microsoft.com/kb/4338829
support.microsoft.com/kb/4338830
support.microsoft.com/kb/4338831
support.microsoft.com/kb/4345424
support.microsoft.com/kb/4345425
support.microsoft.com/kb/4345455
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3665
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180016
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
32.1%