8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.042 Low
EPSS
Percentile
92.1%
09/10/2019
Critical
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2010 Service Pack 2
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2019 for 64-bit editions
Windows 10 Version 1809 for ARM64-based Systems
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2019 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows Server 2016 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows Server 2012
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server, version 1903 (Server Core installation)
Windows 8.1 for x64-based systems
Windows 10 Version 1703 for x64-based Systems
Office 365 ProPlus for 64-bit Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 10 Version 1803 for x64-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2012 R2 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1903 for x64-based Systems
Microsoft Office 2013 RT Service Pack 1
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Microsoft Office 2019 for 32-bit editions
Windows Server 2012 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2019
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1709 for 64-based Systems
Office 365 ProPlus for 32-bit Systems
Microsoft Office 2016 (32-bit edition)
Windows RT 8.1
Windows Server 2016
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Windows Server 2012 R2
Windows 10 Version 1903 for ARM64-based Systems
Microsoft Office 2016 (64-bit edition)
Microsoft Project 2013 Service Pack 1 (32-bit editions)
Microsoft Project 2013 Service Pack 1 (64-bit editions)
Microsoft Project 2016 (32-bit edition)
Microsoft Project 2010 Service Pack 2 (32-bit editions)
Microsoft Project 2016 (64-bit edition)
Microsoft Project 2010 Service Pack 2 (64-bit editions)
Microsoft Lync Server 2013
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2016 for Mac
Microsoft Excel 2016 (64-bit edition)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Office 2019 for Mac
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2019-1261
CVE-2019-1260
CVE-2019-1257
CVE-2019-1262
CVE-2019-1246
CVE-2019-1295
CVE-2019-1264
CVE-2019-1296
CVE-2019-1209
CVE-2019-1263
CVE-2019-1259
CVE-2019-1297
ACE
CVE-2019-12616.8High
CVE-2019-12604.0Warning
CVE-2019-12576.5High
CVE-2019-12623.5Warning
CVE-2019-12469.3Critical
CVE-2019-12956.5High
CVE-2019-12646.8High
CVE-2019-12966.5High
CVE-2019-12094.3Warning
CVE-2019-12634.3Warning
CVE-2019-12596.8High
CVE-2019-12979.3Critical
4484098
4475590
4475596
4475594
4464557
4484099
4475605
4475599
4475591
4475611
4461631
4464548
4464566
4475583
4475589
4475607
4515509
4475566
4475579
4475574
support.microsoft.com/kb/4461631
support.microsoft.com/kb/4464548
support.microsoft.com/kb/4464557
support.microsoft.com/kb/4464566
support.microsoft.com/kb/4475566
support.microsoft.com/kb/4475574
support.microsoft.com/kb/4475579
support.microsoft.com/kb/4475583
support.microsoft.com/kb/4475589
support.microsoft.com/kb/4475590
support.microsoft.com/kb/4475591
support.microsoft.com/kb/4475594
support.microsoft.com/kb/4475596
support.microsoft.com/kb/4475599
support.microsoft.com/kb/4475605
support.microsoft.com/kb/4475607
support.microsoft.com/kb/4475611
support.microsoft.com/kb/4484098
support.microsoft.com/kb/4484099
support.microsoft.com/kb/4515509
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1209
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1246
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1257
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1259
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1260
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1261
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1262
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1263
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1264
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1295
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1296
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1297
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1209
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1246
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1257
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1259
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1260
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1261
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1262
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1263
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1264
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1295
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1296
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1297
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Lync-Server/
threats.kaspersky.com/en/product/Microsoft-Lync/
threats.kaspersky.com/en/product/Microsoft-Office/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.042 Low
EPSS
Percentile
92.1%