8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
04/11/2017
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges.
This vulnerability can be exploited by the following malware:
Microsoft Silverlight 5 when installed on Microsoft Windows (x64-based)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows Vista x64 Edition Service Pack 2
Internet Explorer 9
Windows 10 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows Server 2016 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Windows Vista Service Pack 2
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2016
Windows RT 8.1
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows 10 Version 1703 for x64-based Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (32-bit)
Microsoft Office 2016 (32-bit edition)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (x64-based)
Microsoft Office 2007 Service Pack 3
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1511 for x64-based Systems
Mono Framework Version 5.0.0.48
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Windows 10 Version 1607 for 32-bit Systems
Microsoft Office 2016 (64-bit edition)
Windows 10 Version 1607 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Mono Framework Version 4.8.1.0
Internet Explorer 10
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 10 Version 1703 for 32-bit Systems
Microsoft Silverlight 5 when installed on Microsoft Windows (32-bit)
Windows Server 2012 R2
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2017-0201
CVE-2017-0183
CVE-2017-0058
CVE-2017-0155
CVE-2013-6629
CVE-2017-0163
CVE-2017-0180
CVE-2017-0182
CVE-2017-0158
CVE-2017-0184
CVE-2017-0192
CVE-2017-0168
CVE-2017-0166
CVE-2017-0167
CVE-2017-0191
CVE-2017-0156
CVE-2017-0199
ACE
CVE-2017-01997.8Critical
CVE-2017-02017.5Critical
CVE-2017-00584.7Warning
CVE-2017-01557.0High
CVE-2017-01567.0High
CVE-2017-01668.1Critical
CVE-2017-01675.5High
CVE-2017-01915.8High
CVE-2017-01924.3Warning
CVE-2017-01587.5Critical
CVE-2017-01637.6Critical
CVE-2017-01685.8High
CVE-2017-01807.6Critical
CVE-2017-01825.8High
CVE-2017-01835.8High
CVE-2017-01845.4High
CVE-2013-66295.0Warning
4015549
4014661
4022719
4015546
4014793
4022722
4022887
4015068
4015195
4015380
4020535
3217841
3211308
4014652
4014794
4015383
support.microsoft.com/kb/3211308
support.microsoft.com/kb/3217841
support.microsoft.com/kb/4014652
support.microsoft.com/kb/4014661
support.microsoft.com/kb/4014793
support.microsoft.com/kb/4014794
support.microsoft.com/kb/4015068
support.microsoft.com/kb/4015195
support.microsoft.com/kb/4015380
support.microsoft.com/kb/4015383
support.microsoft.com/kb/4015546
support.microsoft.com/kb/4015549
support.microsoft.com/kb/4020535
support.microsoft.com/kb/4022719
support.microsoft.com/kb/4022722
support.microsoft.com/kb/4022887
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0058
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0155
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0156
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0158
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0163
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0166
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0167
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0168
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0180
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0182
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0183
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0184
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0192
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0199
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0201
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2013-6629
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0058
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0155
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0156
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0158
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0163
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0166
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0167
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0168
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0180
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0182
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0183
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0184
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0191
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0192
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0199
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0201
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Silverlight/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/
threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/
threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/
threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%