9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.05 Low
EPSS
Percentile
92.6%
08/08/2023
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service, bypass security restrictions.
Public exploits exist for this vulnerability.
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2023-38184
CVE-2023-36908
CVE-2023-38254
CVE-2023-20569
CVE-2023-35376
CVE-2023-36900
CVE-2023-35381
CVE-2023-35377
CVE-2023-36911
CVE-2023-35359
CVE-2023-36912
CVE-2023-36909
CVE-2023-35380
CVE-2023-36876
CVE-2023-36907
CVE-2023-36882
CVE-2023-36910
CVE-2023-36906
CVE-2023-38172
CVE-2023-36903
CVE-2023-35383
CVE-2023-36889
CVE-2023-35385
CVE-2023-36913
CVE-2023-35379
CVE-2023-35387
CVE-2023-35384
ACE
CVE-2023-381847.5Critical
CVE-2023-205694.7Warning
CVE-2023-353766.5High
CVE-2023-353818.8Critical
CVE-2023-353776.5High
CVE-2023-369119.8Critical
CVE-2023-353597.8Critical
CVE-2023-369096.5High
CVE-2023-369077.5Critical
CVE-2023-369109.8Critical
CVE-2023-369067.5Critical
CVE-2023-353846.5High
CVE-2023-369086.5High
CVE-2023-382546.5High
CVE-2023-369007.8Critical
CVE-2023-353878.8Critical
CVE-2023-369127.5Critical
CVE-2023-353807.8Critical
CVE-2023-368828.8Critical
CVE-2023-381727.5Critical
CVE-2023-369039.8Critical
CVE-2023-353837.5Critical
CVE-2023-368895.5High
CVE-2023-353859.8Critical
CVE-2023-369137.5Critical
CVE-2023-368767.1High
CVE-2023-353797.8Critical
5029304
5029295
5029308
5029243
5029312
5029301
5029318
5029296
5029307
support.microsoft.com/kb/5029243
support.microsoft.com/kb/5029295
support.microsoft.com/kb/5029296
support.microsoft.com/kb/5029301
support.microsoft.com/kb/5029304
support.microsoft.com/kb/5029307
support.microsoft.com/kb/5029308
support.microsoft.com/kb/5029312
support.microsoft.com/kb/5029318
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35359
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35376
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35377
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35379
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35380
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35381
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35383
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35384
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35385
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35387
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36876
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36882
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36889
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36900
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36903
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36906
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36907
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36908
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36909
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36910
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36911
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36912
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36913
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38172
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38184
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38254
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-20569
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35379
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35380
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35381
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35383
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36876
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36889
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36903
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38172
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38184
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38254
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.05 Low
EPSS
Percentile
92.6%