9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.843 High
EPSS
Percentile
98.4%
07/14/2020
Critical
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information, perform cross-site scripting attack, gain privileges.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
.NET Core 2.1
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.5.2
Microsoft Office 2019 for Mac
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Word 2016 (32-bit edition)
Microsoft .NET Framework 3.5 AND 4.6/4.6.1/4.6.2
Microsoft SharePoint Enterprise Server 2016
Microsoft .NET Framework 4.6
Microsoft .NET Framework 3.5 AND 4.8
Microsoft .NET Framework 3.5 AND 4.7.2
Microsoft Project 2013 Service Pack 1 (32-bit editions)
Microsoft SharePoint Server 2019
Microsoft Project 2016 (32-bit edition)
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2
Microsoft Word 2016 (64-bit edition)
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Project 2010 Service Pack 2 (32-bit editions)
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft .NET Framework 3.5
OneDrive for Windows
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft Office 2019 for 64-bit editions
Microsoft Office Online Server
Microsoft Lync Server 2013
Skype for Business Server 2019 CU2
Skype for Business Server 2015 CU 8
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft .NET Framework 3.5 AND 4.7.1/4.7.2
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Project 2010 Service Pack 2 (64-bit editions)
Microsoft Project 2016 (64-bit edition)
.NET Core 3.1
Microsoft Office 2016 for Mac
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft Office 2019 for 32-bit editions
Microsoft .NET Framework 3.5.1
Microsoft Word 2013 RT Service Pack 1
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft .NET Framework 4.8
Microsoft Office Web Apps 2013 Service Pack 1
Microsoft Project 2013 Service Pack 1 (64-bit editions)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2020-1448
CVE-2020-1449
CVE-2020-1147
CVE-2020-1454
CVE-2020-1458
CVE-2020-1456
CVE-2020-1442
CVE-2020-1443
CVE-2020-1444
CVE-2020-1445
CVE-2020-1446
CVE-2020-1447
CVE-2020-1439
CVE-2020-1451
CVE-2020-1349
CVE-2020-1465
CVE-2020-1450
CVE-2020-1342
CVE-2020-1409
CVE-2020-1240
CVE-2020-1025
ACE
CVE-2020-11476.8High
CVE-2020-14099.3Critical
CVE-2020-14486.8High
CVE-2020-14499.3Critical
CVE-2020-14543.5Warning
CVE-2020-14589.3Critical
CVE-2020-14563.5Warning
CVE-2020-14424.3Warning
CVE-2020-14433.5Warning
CVE-2020-14444.3Warning
CVE-2020-14454.3Warning
CVE-2020-14466.8High
CVE-2020-14476.8High
CVE-2020-14396.5High
CVE-2020-14513.5Warning
CVE-2020-13496.8High
CVE-2020-14657.2High
CVE-2020-14503.5Warning
CVE-2020-13424.3Warning
CVE-2020-12409.3Critical
CVE-2020-10257.5Critical
4484443
4484441
4484440
4484446
4484357
4484370
4484448
4484353
4484374
4484463
4484460
4484363
4484450
4484451
4484452
4484453
4484348
4484433
4484456
4484458
4484438
4484436
4484381
4484382
4484411
4571332
4571333
4571334
support.microsoft.com/kb/4484348
support.microsoft.com/kb/4484353
support.microsoft.com/kb/4484357
support.microsoft.com/kb/4484363
support.microsoft.com/kb/4484370
support.microsoft.com/kb/4484374
support.microsoft.com/kb/4484381
support.microsoft.com/kb/4484382
support.microsoft.com/kb/4484411
support.microsoft.com/kb/4484433
support.microsoft.com/kb/4484436
support.microsoft.com/kb/4484438
support.microsoft.com/kb/4484440
support.microsoft.com/kb/4484441
support.microsoft.com/kb/4484443
support.microsoft.com/kb/4484446
support.microsoft.com/kb/4484448
support.microsoft.com/kb/4484450
support.microsoft.com/kb/4484451
support.microsoft.com/kb/4484452
support.microsoft.com/kb/4484453
support.microsoft.com/kb/4484456
support.microsoft.com/kb/4484458
support.microsoft.com/kb/4484460
support.microsoft.com/kb/4484463
support.microsoft.com/kb/4571332
support.microsoft.com/kb/4571333
support.microsoft.com/kb/4571334
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1147
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1240
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1342
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1349
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1409
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1442
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1443
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1445
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1447
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1448
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1449
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1450
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1454
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1456
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1458
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1465
nvd.nist.gov/vuln/detail/CVE-2020-1349
nvd.nist.gov/vuln/detail/CVE-2020-1445
nvd.nist.gov/vuln/detail/CVE-2020-1448
nvd.nist.gov/vuln/detail/CVE-2020-1451
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1025
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1147
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1240
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1342
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1409
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1439
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1442
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1443
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1444
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1446
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1447
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1449
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1450
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1454
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1456
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1458
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1465
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-.NET-Framework/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
threats.kaspersky.com/en/product/Microsoft-Word/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.843 High
EPSS
Percentile
98.4%