8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%
01/08/2019
Critical
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, spoof user interface.
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Office 365 ProPlus for 32-bit Systems
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Office 365 ProPlus for 64-bit Systems
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2016 (32-bit edition)
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2016 (64-bit edition)
Internet Explorer 10
Internet Explorer 11
Internet Explorer 9
Microsoft Excel Viewer 2007 Service Pack 3
Microsoft Office Word Viewer
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Enterprise Server 2016
Microsoft Business Productivity Servers 2010 Service Pack 2
Skype 8.35 when installed on Android Devices
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Office Web Apps Server 2010 Service Pack 2
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2019 for Mac
Microsoft Office Online Server
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Word Automation Services
Microsoft Office 2016 for Mac
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2019-0560
CVE-2019-0559
CVE-2019-0541
CVE-2019-0562
CVE-2019-0556
CVE-2019-0558
CVE-2019-0622
CVE-2019-0585
CVE-2019-0557
CVE-2019-0561
CVE-2019-0538
CVE-2019-0582
ACE
CVE-2019-05829.3Critical
CVE-2019-05389.3Critical
CVE-2019-05604.3Warning
CVE-2019-05594.3Warning
CVE-2019-05419.3Critical
CVE-2019-05623.5Warning
CVE-2019-05563.5Warning
CVE-2019-05583.5Warning
CVE-2019-06222.1Warning
CVE-2019-05859.3Critical
CVE-2019-05573.5Warning
CVE-2019-05614.3Warning
4461614
4461535
4461537
4461623
4461595
4461601
3172522
4022162
4462112
2596760
2553332
4461634
4461598
4461591
4461596
4461624
4461594
4461612
4461543
4461625
4461633
4461617
4461620
4461589
4461635
4018313
4018300
4018294
Public exploits exist for this vulnerability.
support.microsoft.com/kb/2553332
support.microsoft.com/kb/2596760
support.microsoft.com/kb/3172522
support.microsoft.com/kb/4018294
support.microsoft.com/kb/4018300
support.microsoft.com/kb/4018313
support.microsoft.com/kb/4022162
support.microsoft.com/kb/4461535
support.microsoft.com/kb/4461537
support.microsoft.com/kb/4461543
support.microsoft.com/kb/4461589
support.microsoft.com/kb/4461591
support.microsoft.com/kb/4461594
support.microsoft.com/kb/4461595
support.microsoft.com/kb/4461596
support.microsoft.com/kb/4461598
support.microsoft.com/kb/4461601
support.microsoft.com/kb/4461612
support.microsoft.com/kb/4461614
support.microsoft.com/kb/4461617
support.microsoft.com/kb/4461620
support.microsoft.com/kb/4461623
support.microsoft.com/kb/4461624
support.microsoft.com/kb/4461625
support.microsoft.com/kb/4461633
support.microsoft.com/kb/4461634
support.microsoft.com/kb/4461635
support.microsoft.com/kb/4462112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0541
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0556
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0557
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0558
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0560
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0561
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0562
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0582
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0585
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0622
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0538
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0541
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0556
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0557
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0558
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0559
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0560
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0561
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0562
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0582
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0622
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-Word/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%