CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
98.5%
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information.
Below is a complete list of vulnerabilities
This vulnerability can be exploited by the following malware:
https://threats.kaspersky.com/en/threat/Exploit.Win32.CVE-2015-1701/
Public exploits exist for this vulnerability.
CVE-2015-1686 warning
CVE-2015-1684 warning
CVE-2015-1702 high
CVE-2015-1679 warning
CVE-2015-1678 warning
CVE-2015-1680 warning
CVE-2015-1672 warning
CVE-2015-1701 high
CVE-2015-1677 warning
CVE-2015-1676 warning
CVE-2015-1681 warning
CVE-2015-1674 warning
CVE-2015-1673 critical
CVE-2015-1716 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some inaccessible files. Files that can be read depends on conΡrete program errors.
support.microsoft.com/kb/3023211
support.microsoft.com/kb/3023213
support.microsoft.com/kb/3023215
support.microsoft.com/kb/3023217
support.microsoft.com/kb/3023219
support.microsoft.com/kb/3023220
support.microsoft.com/kb/3023221
support.microsoft.com/kb/3023222
support.microsoft.com/kb/3023223
support.microsoft.com/kb/3023224
support.microsoft.com/kb/3032655
support.microsoft.com/kb/3032662
support.microsoft.com/kb/3032663
support.microsoft.com/kb/3035485
support.microsoft.com/kb/3035486
support.microsoft.com/kb/3035487
support.microsoft.com/kb/3035488
support.microsoft.com/kb/3035489
support.microsoft.com/kb/3035490
support.microsoft.com/kb/3045171
support.microsoft.com/kb/3049563
support.microsoft.com/kb/3050514
support.microsoft.com/kb/3050941
support.microsoft.com/kb/3050945
support.microsoft.com/kb/3050946
support.microsoft.com/kb/3051768
support.microsoft.com/kb/3055642
support.microsoft.com/kb/3057134
support.microsoft.com/kb/3057191
support.microsoft.com/kb/3057263
support.microsoft.com/kb/3061518
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1672
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1673
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1674
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1676
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1677
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1678
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1679
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1680
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1681
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1684
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1686
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1701
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1702
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1716
statistics.securelist.com/
technet.microsoft.com/en-us/library/security/ms15-055
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2003/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Windows-RT/
threats.kaspersky.com/en/threat/Exploit.Win32.CVE-2015-1701/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
98.5%