9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.7%
12/14/2021
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges.
Public exploits exist for this vulnerability.
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2021-43217
CVE-2021-43216
CVE-2021-43223
CVE-2021-43238
CVE-2021-43883
CVE-2021-43229
CVE-2021-43226
CVE-2021-43234
CVE-2021-43215
CVE-2021-43893
CVE-2021-43230
CVE-2021-43224
CVE-2021-43222
CVE-2021-43233
CVE-2021-43245
CVE-2021-40441
CVE-2021-41333
CVE-2021-43236
CVE-2021-43207
CVE-2021-43232
CVE-2021-43248
ACE
CVE-2021-432179.8Critical
CVE-2021-432166.5High
CVE-2021-432237.8Critical
CVE-2021-432387.8Critical
CVE-2021-438837.8Critical
CVE-2021-432297.8Critical
CVE-2021-432267.8Critical
CVE-2021-432327.8Critical
CVE-2021-432347.8Critical
CVE-2021-432159.8Critical
CVE-2021-438937.5Critical
CVE-2021-432307.8Critical
CVE-2021-432245.5High
CVE-2021-432227.5Critical
CVE-2021-432337.5Critical
CVE-2021-432457.8Critical
CVE-2021-404417.8Critical
CVE-2021-432487.8Critical
CVE-2021-413337.8Critical
CVE-2021-432367.5Critical
CVE-2021-432077.8Critical
5008263
5008277
5008285
5008255
5008274
5008244
5008282
5008271
5015875
5015863
5015877
5015874
5015862
5015861
support.microsoft.com/kb/5008244
support.microsoft.com/kb/5008255
support.microsoft.com/kb/5008263
support.microsoft.com/kb/5008271
support.microsoft.com/kb/5008274
support.microsoft.com/kb/5008277
support.microsoft.com/kb/5008282
support.microsoft.com/kb/5008285
support.microsoft.com/kb/5015861
support.microsoft.com/kb/5015862
support.microsoft.com/kb/5015863
support.microsoft.com/kb/5015874
support.microsoft.com/kb/5015875
support.microsoft.com/kb/5015877
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41333
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43207
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43215
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43216
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43217
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43222
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43223
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43224
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43226
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43229
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43230
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43232
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43233
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43234
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43236
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43238
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43245
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43883
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43893
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40441
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41333
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43207
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43215
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43216
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43217
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43222
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43223
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43224
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43226
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43229
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43230
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43232
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43233
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43234
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43236
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43238
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43245
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43248
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43883
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43893
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.7%