8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.908 High
EPSS
Percentile
98.8%
11/09/2021
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service.
Public exploits exist for this vulnerability.
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2012
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2021-42282
CVE-2021-41367
CVE-2021-41371
CVE-2021-38665
CVE-2021-38666
CVE-2021-42291
CVE-2021-42278
CVE-2021-41377
CVE-2021-41379
CVE-2021-42285
CVE-2021-42283
CVE-2021-42275
CVE-2021-38631
CVE-2021-41370
CVE-2021-42287
CVE-2021-41366
CVE-2021-42284
ACE
CVE-2021-422826.5High
CVE-2021-413674.6Warning
CVE-2021-413712.1Warning
CVE-2021-386654.3Warning
CVE-2021-386666.8High
CVE-2021-422916.5High
CVE-2021-422786.5High
CVE-2021-413774.6Warning
CVE-2021-413794.6Warning
CVE-2021-422857.2High
CVE-2021-422834.6Warning
CVE-2021-422756.5High
CVE-2021-386312.1Warning
CVE-2021-413704.6Warning
CVE-2021-422876.5High
CVE-2021-422847.1High
CVE-2021-413664.6Warning
5007233
5007236
5007263
5007246
5007260
5007255
5007245
5007247
support.microsoft.com/kb/5007233
support.microsoft.com/kb/5007236
support.microsoft.com/kb/5007245
support.microsoft.com/kb/5007246
support.microsoft.com/kb/5007247
support.microsoft.com/kb/5007255
support.microsoft.com/kb/5007260
support.microsoft.com/kb/5007263
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38631
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41366
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41367
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41370
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41371
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41377
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41379
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42275
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42278
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42282
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42283
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42284
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42285
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42287
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42291
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38631
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38665
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38666
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41366
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41367
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41370
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41371
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41377
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41379
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42275
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42278
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42282
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42283
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42284
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42285
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42287
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42291
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.908 High
EPSS
Percentile
98.8%