8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.798 High
EPSS
Percentile
98.3%
Multiple unspecified vulnerabilities was found in Microsoft Office. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed content.
Technical details
You can mitigate this vulnerability via using Microsoft Office File Block Policy. For further details look at original advisory listed below.
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2016-0145 critical
CVE-2016-0136 critical
CVE-2016-0139 critical
CVE-2016-0122 critical
CVE-2016-0127 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/3114542
support.microsoft.com/kb/3114566
support.microsoft.com/kb/3114871
support.microsoft.com/kb/3114888
support.microsoft.com/kb/3114892
support.microsoft.com/kb/3114895
support.microsoft.com/kb/3114897
support.microsoft.com/kb/3114898
support.microsoft.com/kb/3114927
support.microsoft.com/kb/3114934
support.microsoft.com/kb/3114937
support.microsoft.com/kb/3114944
support.microsoft.com/kb/3114947
support.microsoft.com/kb/3114960
support.microsoft.com/kb/3114964
support.microsoft.com/kb/3114982
support.microsoft.com/kb/3114983
support.microsoft.com/kb/3114985
support.microsoft.com/kb/3114987
support.microsoft.com/kb/3114988
support.microsoft.com/kb/3114990
support.microsoft.com/kb/3114993
support.microsoft.com/kb/3114994
support.microsoft.com/kb/3142577
support.microsoft.com/kb/3144427
support.microsoft.com/kb/3144428
support.microsoft.com/kb/3144429
support.microsoft.com/kb/3144432
support.microsoft.com/kb/3154208
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0122
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0127
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0136
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0139
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0145
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Office/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.798 High
EPSS
Percentile
98.3%