8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
03/14/2017
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service.
This vulnerability can be exploited by the following malware:
Microsoft Silverlight 5 when installed on Microsoft Windows (x64-based)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 for 32-bit Systems
Windows Vista x64 Edition Service Pack 2
Internet Explorer 9
Windows 10 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows Server 2016 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Skype for Business 2016 (64-bit)
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Vista Service Pack 2
Microsoft XML Core Services 3.0
Microsoft Lync 2013 Service Pack 1 (64-bit)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Internet Explorer 11
Windows Server 2008 for x64-based Systems Service Pack 2
Microsoft Lync Basic 2013 Service Pack 1 (64-bit)
Windows Server 2016
Microsoft Lync 2010 Attendee (admin level install)
Skype for Business 2016 Basic (32-bit)
Microsoft Live Meeting 2007 Add-in
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows RT 8.1
Skype for Business 2016 (32-bit)
Microsoft Lync 2010 Attendee (user level install)
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows 10 Version 1511 for 32-bit Systems
Microsoft Lync 2010 (64-bit)
Microsoft Office Word Viewer
Microsoft Live Meeting 2007 Console
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (32-bit)
Microsoft Edge (EdgeHTML-based)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows (x64-based)
Microsoft Office 2007 Service Pack 3
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1511 for x64-based Systems
Skype for Business 2016 Basic (64-bit)
Microsoft Lync Basic 2013 Service Pack 1 (32-bit)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 10
Microsoft Lync 2010 (32-bit)
Microsoft Silverlight 5 when installed on Microsoft Windows (32-bit)
Windows Server 2012 R2
Microsoft Lync 2013 Service Pack 1 (32-bit)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2017-0108
CVE-2017-0109
CVE-2017-0072
CVE-2017-0100
CVE-2017-0101
CVE-2017-0102
CVE-2017-0143
CVE-2017-0104
CVE-2017-0022
CVE-2017-0001
CVE-2017-0145
CVE-2017-0120
CVE-2017-0147
CVE-2017-0005
CVE-2017-0127
CVE-2017-0124
CVE-2017-0125
CVE-2017-0009
CVE-2017-0008
CVE-2017-0047
CVE-2017-0060
CVE-2017-0148
CVE-2017-0061
CVE-2017-0043
CVE-2017-0042
CVE-2017-0045
CVE-2017-0119
CVE-2017-0062
CVE-2017-0149
CVE-2017-0099
CVE-2017-0144
CVE-2017-0040
CVE-2017-0090
CVE-2017-0091
CVE-2017-0096
CVE-2017-0097
CVE-2017-0038
CVE-2017-0039
CVE-2017-0103
CVE-2017-0063
CVE-2017-0118
CVE-2017-0117
CVE-2017-0116
CVE-2017-0115
CVE-2017-0114
CVE-2017-0113
CVE-2017-0112
CVE-2017-0111
CVE-2017-0092
CVE-2017-0076
CVE-2017-0014
CVE-2017-0059
CVE-2017-0056
CVE-2017-0055
CVE-2017-0050
CVE-2017-0123
CVE-2017-0122
CVE-2017-0073
CVE-2017-0075
CVE-2017-0025
CVE-2017-0146
CVE-2017-0128
CVE-2017-0089
CVE-2017-0088
CVE-2017-0121
CVE-2017-0130
CVE-2017-0126
CVE-2017-0083
CVE-2017-0085
CVE-2017-0084
CVE-2017-0087
CVE-2017-0086
ACE
CVE-2017-00423.1Warning
CVE-2017-00962.6Warning
CVE-2017-00975.4High
CVE-2017-00995.4High
CVE-2017-01097.6Critical
CVE-2017-00757.6Critical
CVE-2017-00765.4High
CVE-2017-00556.1High
CVE-2017-01027.8Critical
CVE-2017-01037.0High
CVE-2017-01017.8Critical
CVE-2017-00507.8Critical
CVE-2017-00567.8Critical
CVE-2017-00435.3High
CVE-2017-00455.5High
CVE-2017-00224.3Warning
CVE-2017-01438.1Critical
CVE-2017-01448.1Critical
CVE-2017-01458.1Critical
CVE-2017-01468.1Critical
CVE-2017-01475.9High
CVE-2017-01488.1Critical
CVE-2017-00147.5Critical
CVE-2017-00605.5High
CVE-2017-00615.3High
CVE-2017-00624.7Warning
CVE-2017-00636.5High
CVE-2017-00257.8Critical
CVE-2017-00734.3Warning
CVE-2017-01087.8Critical
CVE-2017-00385.5High
CVE-2017-00017.8Critical
CVE-2017-00057.0High
CVE-2017-00477.8Critical
CVE-2017-00728.8Critical
CVE-2017-00838.8Critical
CVE-2017-00848.8Critical
CVE-2017-00854.3Warning
CVE-2017-00868.8Critical
CVE-2017-00878.8Critical
CVE-2017-00888.8Critical
CVE-2017-00898.8Critical
CVE-2017-00908.8Critical
CVE-2017-00914.3Warning
CVE-2017-00924.3Warning
CVE-2017-01114.3Warning
CVE-2017-01124.3Warning
CVE-2017-01134.3Warning
CVE-2017-01144.3Warning
CVE-2017-01154.3Warning
CVE-2017-01164.3Warning
CVE-2017-01174.3Warning
CVE-2017-01184.3Warning
CVE-2017-01194.3Warning
CVE-2017-01204.3Warning
CVE-2017-01214.3Warning
CVE-2017-01224.3Warning
CVE-2017-01234.3Warning
CVE-2017-01244.3Warning
CVE-2017-01254.3Warning
CVE-2017-01264.3Warning
CVE-2017-01274.3Warning
CVE-2017-01284.3Warning
CVE-2017-00094.3Warning
CVE-2017-00594.3Warning
CVE-2017-01307.5Critical
CVE-2017-01497.5Critical
CVE-2017-00084.3Warning
CVE-2017-00407.5Critical
CVE-2017-01007.8Critical
CVE-2017-01048.1Critical
CVE-2017-00397.8Critical
4012204
4012215
3211306
4012212
4012598
4012583
3217587
4012021
4012373
4012497
4017018
4012584
3218362
4011981
3217882
3214051
support.microsoft.com/kb/3211306
support.microsoft.com/kb/3214051
support.microsoft.com/kb/3217587
support.microsoft.com/kb/3217882
support.microsoft.com/kb/3218362
support.microsoft.com/kb/4011981
support.microsoft.com/kb/4012021
support.microsoft.com/kb/4012204
support.microsoft.com/kb/4012212
support.microsoft.com/kb/4012215
support.microsoft.com/kb/4012373
support.microsoft.com/kb/4012497
support.microsoft.com/kb/4012583
support.microsoft.com/kb/4012584
support.microsoft.com/kb/4012598
support.microsoft.com/kb/4017018
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0001
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0005
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0008
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0009
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0014
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0022
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0038
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0039
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0042
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0047
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0056
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0083
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0084
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0085
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0086
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0087
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0088
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0089
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0090
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0091
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0092
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0097
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0118
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0120
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0122
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0123
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0124
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0125
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0128
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0145
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0146
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0147
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0148
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0149
nvd.nist.gov/vuln/detail/CVE-2017-0061
nvd.nist.gov/vuln/detail/CVE-2017-0063
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0001
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0005
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0008
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0009
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0014
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0022
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0025
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0038
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0039
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0040
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0042
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0043
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0045
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0047
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0050
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0055
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0056
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0059
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0060
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0062
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0072
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0073
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0075
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0076
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0083
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0084
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0085
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0086
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0087
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0088
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0089
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0090
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0091
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0092
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0096
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0097
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0099
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0100
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0101
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0102
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0103
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0104
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0108
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0109
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0111
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0112
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0113
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0114
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0115
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0116
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0117
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0118
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0119
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0120
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0121
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0122
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0123
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0124
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0125
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0126
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0127
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0128
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0130
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0143
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0144
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0145
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0146
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0147
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0148
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0149
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Lync-2010-Attendee/
threats.kaspersky.com/en/product/Microsoft-Lync/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Silverlight/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Microsoft-Word/
threats.kaspersky.com/en/product/Microsoft-XML-Core-Services/
threats.kaspersky.com/en/product/Windows-RT/
threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2017-0147.sa.leak/
threats.kaspersky.com/en/threat/Intrusion.Win.EternalRomance/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%