7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.082 Low
EPSS
Percentile
94.4%
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information, gain privileges, bypass security restrictions.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2019-0607 critical
CVE-2019-0644 critical
CVE-2019-0593 critical
CVE-2019-0642 critical
CVE-2019-0590 critical
CVE-2019-0651 critical
CVE-2019-0652 critical
CVE-2019-0655 critical
CVE-2019-0640 critical
CVE-2019-0605 critical
CVE-2019-0658 warning
CVE-2019-0610 critical
CVE-2019-0649 high
CVE-2019-0591 critical
CVE-2019-0654 warning
CVE-2019-0643 warning
CVE-2019-0648 warning
CVE-2019-0650 critical
CVE-2019-0634 critical
CVE-2019-0641 warning
CVE-2019-0606 critical
CVE-2019-0645 critical
CVE-2019-0676 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4486474
support.microsoft.com/kb/4486563
support.microsoft.com/kb/4486996
support.microsoft.com/kb/4487000
support.microsoft.com/kb/4487017
support.microsoft.com/kb/4487018
support.microsoft.com/kb/4487020
support.microsoft.com/kb/4487025
support.microsoft.com/kb/4487026
support.microsoft.com/kb/4487044
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0591
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0593
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0607
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0610
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0640
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0641
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0642
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0643
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0644
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0645
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0648
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0649
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0650
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0651
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0654
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0655
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0658
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/ChakraCore/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.082 Low
EPSS
Percentile
94.4%