8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.512 Medium
EPSS
Percentile
97.5%
10/12/2021
High
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service.
Public exploits exist for this vulnerability.
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2021-36970
CVE-2021-40455
CVE-2021-38662
CVE-2021-41335
CVE-2021-40449
CVE-2021-38663
CVE-2021-41342
CVE-2021-26442
CVE-2021-41332
CVE-2021-40466
CVE-2021-41331
CVE-2021-40469
CVE-2021-41340
CVE-2021-40467
CVE-2021-36953
CVE-2021-40489
CVE-2021-40443
CVE-2021-40460
CVE-2021-40465
CVE-2021-41343
CVE-2021-40478
CVE-2021-26441
CVE-2021-40476
CVE-2021-40454
CVE-2021-41345
CVE-2021-40463
CVE-2021-40477
CVE-2021-40488
ACE
CVE-2021-369708.8Critical
CVE-2021-404555.5High
CVE-2021-386625.5High
CVE-2021-413357.8Critical
CVE-2021-404497.8Critical
CVE-2021-386635.5High
CVE-2021-413426.8High
CVE-2021-264427.0High
CVE-2021-413326.5High
CVE-2021-404667.8Critical
CVE-2021-413317.8Critical
CVE-2021-404697.2High
CVE-2021-413407.8Critical
CVE-2021-404677.8Critical
CVE-2021-369537.5Critical
CVE-2021-404897.8Critical
CVE-2021-404437.8Critical
CVE-2021-404606.5High
CVE-2021-404657.8Critical
CVE-2021-413435.5High
CVE-2021-404777.8Critical
CVE-2021-413457.8Critical
CVE-2021-404887.8Critical
CVE-2021-404767.5Critical
CVE-2021-404637.7Critical
CVE-2021-404787.8Critical
CVE-2021-264417.8Critical
CVE-2021-404545.5High
5006729
5006671
5006732
5006736
5006743
5006728
5006714
5006715
5006739
support.microsoft.com/kb/5006671
support.microsoft.com/kb/5006714
support.microsoft.com/kb/5006715
support.microsoft.com/kb/5006728
support.microsoft.com/kb/5006729
support.microsoft.com/kb/5006732
support.microsoft.com/kb/5006736
support.microsoft.com/kb/5006739
support.microsoft.com/kb/5006743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40454
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40463
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40476
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40488
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41345
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26441
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26442
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36953
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36970
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38662
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38663
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40443
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40454
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40455
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40460
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40463
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40465
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40466
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40467
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40469
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40476
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40477
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40478
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40488
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40489
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41331
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41332
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41335
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41340
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41342
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41343
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41345
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.512 Medium
EPSS
Percentile
97.5%