CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
87.8%
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2022-2601 critical
CVE-2022-3775 high
CVE-2023-40547 critical
CVE-2024-38198 critical
CVE-2024-38120 critical
CVE-2024-38063 critical
CVE-2024-38114 critical
CVE-2024-38145 critical
CVE-2024-38191 critical
CVE-2024-38144 critical
CVE-2024-38126 critical
CVE-2024-38125 critical
CVE-2024-38151 high
CVE-2024-38128 critical
CVE-2024-29995 critical
CVE-2024-38132 critical
CVE-2024-38154 critical
CVE-2024-38193 critical
CVE-2024-38127 critical
CVE-2024-38214 high
CVE-2024-38116 critical
CVE-2024-38134 critical
CVE-2024-38122 high
CVE-2024-38131 critical
CVE-2024-38152 critical
CVE-2024-38178 critical
CVE-2024-38153 critical
CVE-2024-38141 critical
CVE-2024-38117 critical
CVE-2024-37968 critical
CVE-2024-38223 high
CVE-2024-38121 critical
CVE-2024-38130 critical
CVE-2024-38199 critical
CVE-2024-38115 critical
CVE-2024-38146 critical
CVE-2024-38196 critical
CVE-2024-38118 high
CVE-2024-38213 high
CVE-2024-38140 critical
CVE-2024-38107 critical
CVE-2024-38180 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/5039260
support.microsoft.com/kb/5039294
support.microsoft.com/kb/5040456
support.microsoft.com/kb/5040485
support.microsoft.com/kb/5040490
support.microsoft.com/kb/5040497
support.microsoft.com/kb/5040498
support.microsoft.com/kb/5040499
support.microsoft.com/kb/5041770
support.microsoft.com/kb/5041823
support.microsoft.com/kb/5041828
support.microsoft.com/kb/5041838
support.microsoft.com/kb/5041847
support.microsoft.com/kb/5041850
support.microsoft.com/kb/5041851
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-2601
msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3775
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-40547
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29995
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37968
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38107
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38114
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38115
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38116
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38117
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38118
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38120
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38121
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38122
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38125
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38126
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38127
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38128
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38130
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38131
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38132
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38134
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38140
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38141
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38144
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38145
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38146
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38151
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38152
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38153
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38154
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38180
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38191
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38193
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38196
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38198
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38199
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38213
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38214
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38223
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/