9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.18 Low
EPSS
Percentile
96.0%
05/09/2023
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service, execute arbitrary code.
Public exploits exist for this vulnerability.
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2023-24945
CVE-2023-29324
CVE-2023-24946
CVE-2023-24900
CVE-2023-28251
CVE-2023-24942
CVE-2023-29325
CVE-2023-24903
CVE-2023-24940
CVE-2023-24932
CVE-2023-24904
CVE-2023-28283
CVE-2023-29336
CVE-2023-24943
ACE
CVE-2023-293246.5High
CVE-2023-249467.8Critical
CVE-2023-249005.9High
CVE-2023-293257.5Critical
CVE-2023-249326.7High
CVE-2023-249439.8Critical
CVE-2023-249455.5High
CVE-2023-249427.5Critical
CVE-2023-282515.5High
CVE-2023-282838.1Critical
CVE-2023-249407.5Critical
CVE-2023-249038.1Critical
CVE-2023-293367.8Critical
CVE-2023-249047.1High
5026366
5026426
5026408
5026427
5026413
5028222
5028226
5028240
support.microsoft.com/kb/5026366
support.microsoft.com/kb/5026408
support.microsoft.com/kb/5026413
support.microsoft.com/kb/5026426
support.microsoft.com/kb/5026427
support.microsoft.com/kb/5028222
support.microsoft.com/kb/5028226
support.microsoft.com/kb/5028240
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24900
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24903
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24932
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24942
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24943
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24945
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24946
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28251
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28283
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29324
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29325
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29336
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24900
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24903
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24904
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24940
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24942
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24943
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24945
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24946
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28251
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28283
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29324
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29325
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.18 Low
EPSS
Percentile
96.0%