9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.28 Low
EPSS
Percentile
96.8%
09/13/2022
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information.
Public exploits exist for this vulnerability.
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2022-35840
CVE-2022-38004
CVE-2022-34727
CVE-2022-37969
CVE-2022-30170
CVE-2022-34724
CVE-2022-33647
CVE-2022-34732
CVE-2022-35830
CVE-2022-34726
CVE-2022-34718
CVE-2022-34721
CVE-2022-37955
CVE-2022-34731
CVE-2022-35803
CVE-2022-30200
CVE-2022-34730
CVE-2022-34729
CVE-2022-38006
CVE-2022-38005
CVE-2022-37964
CVE-2022-37956
CVE-2022-34733
CVE-2022-35836
CVE-2022-35833
CVE-2022-35832
CVE-2022-37958
CVE-2022-35835
CVE-2022-33679
CVE-2022-34734
CVE-2022-34728
CVE-2022-34720
CVE-2022-34719
CVE-2022-34722
CVE-2022-35837
CVE-2022-35834
ACE
CVE-2022-358408.8Critical
CVE-2022-380047.8Critical
CVE-2022-347278.8Critical
CVE-2022-379697.8Critical
CVE-2022-301707.3High
CVE-2022-347247.5Critical
CVE-2022-336478.1Critical
CVE-2022-347328.8Critical
CVE-2022-358308.1Critical
CVE-2022-347268.8Critical
CVE-2022-347189.8Critical
CVE-2022-347219.8Critical
CVE-2022-379557.8Critical
CVE-2022-347318.8Critical
CVE-2022-358037.8Critical
CVE-2022-302007.8Critical
CVE-2022-347308.8Critical
CVE-2022-347297.8Critical
CVE-2022-380066.5High
CVE-2022-380057.8Critical
CVE-2022-379567.8Critical
CVE-2022-347338.8Critical
CVE-2022-358368.8Critical
CVE-2022-358337.5Critical
CVE-2022-358325.5High
CVE-2022-379588.1Critical
CVE-2022-358358.8Critical
CVE-2022-336798.1Critical
CVE-2022-347348.8Critical
CVE-2022-347285.5High
CVE-2022-347207.5Critical
CVE-2022-347197.8Critical
CVE-2022-347229.8Critical
CVE-2022-358376.5High
CVE-2022-358348.8Critical
CVE-2022-379647.8Critical
5017361
5017373
5017371
5017358
support.microsoft.com/kb/5017358
support.microsoft.com/kb/5017361
support.microsoft.com/kb/5017371
support.microsoft.com/kb/5017373
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30170
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30200
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33679
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34718
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34719
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34720
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34721
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34722
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34724
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34728
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34731
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35835
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35840
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37955
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37956
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37969
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38004
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38005
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38006
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30170
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30200
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33647
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33679
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34719
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34720
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34724
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34726
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34727
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34728
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34729
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34730
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34731
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34732
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34733
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34734
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35803
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35830
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35832
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35833
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35834
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35835
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35836
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35837
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35840
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37955
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37956
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37958
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37964
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38004
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38005
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38006
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.28 Low
EPSS
Percentile
96.8%