8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
38.1%
03/12/2024
Critical
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions.
Public exploits exist for this vulnerability.
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2024-21439
CVE-2024-26197
CVE-2024-21441
CVE-2024-21450
CVE-2024-26161
CVE-2024-26162
CVE-2024-21446
CVE-2024-26166
CVE-2024-26159
CVE-2024-21440
CVE-2024-26177
CVE-2024-21433
CVE-2024-21444
CVE-2024-26176
CVE-2024-26173
CVE-2024-21432
CVE-2024-21430
CVE-2024-26174
CVE-2024-21437
CVE-2024-21407
CVE-2024-21427
CVE-2024-21429
CVE-2024-21451
CVE-2024-26169
CVE-2024-21436
CVE-2024-26181
CVE-2023-28746
CVE-2024-26178
ACE
CVE-2024-214397.0High
CVE-2024-261976.5High
CVE-2024-214418.8Critical
CVE-2024-214505.0Warning
CVE-2024-261618.8Critical
CVE-2024-261628.8Critical
CVE-2024-214467.8Critical
CVE-2024-261668.8Critical
CVE-2024-261598.8Critical
CVE-2024-214405.0Warning
CVE-2024-261775.5High
CVE-2024-214337.0High
CVE-2024-214448.8Critical
CVE-2024-261765.0Warning
CVE-2024-261737.8Critical
CVE-2024-214327.0High
CVE-2024-214305.0Warning
CVE-2024-261745.5High
CVE-2024-214377.8Critical
CVE-2024-214078.1Critical
CVE-2024-214277.5Critical
CVE-2024-214296.8High
CVE-2024-214518.8Critical
CVE-2024-261697.8Critical
CVE-2024-214367.8Critical
CVE-2024-261815.5High
CVE-2023-287465.0Warning
CVE-2024-261787.8Critical
5035885
5035933
5035930
5035919
5035888
5035920
support.microsoft.com/kb/5035885
support.microsoft.com/kb/5035888
support.microsoft.com/kb/5035919
support.microsoft.com/kb/5035920
support.microsoft.com/kb/5035930
support.microsoft.com/kb/5035933
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21427
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21430
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21432
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21433
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21437
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21440
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21444
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21450
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21451
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26159
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26161
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26162
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26166
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26169
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26173
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26174
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26176
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26177
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26178
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26181
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26197
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28746
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21407
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21427
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21429
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21430
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21432
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21433
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21436
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21437
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21439
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21440
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21441
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21444
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21446
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21450
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21451
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26159
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26161
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26162
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26166
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26169
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26173
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26174
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26176
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26177
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26178
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26181
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26197
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
38.1%