9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
Low
0.973 High
EPSS
Percentile
99.9%
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2016-0185 critical
CVE-2016-0189 critical
CVE-2016-0181 warning
CVE-2016-0197 high
CVE-2016-0196 high
CVE-2016-0195 critical
CVE-2016-0152 high
CVE-2016-0168 warning
CVE-2016-0176 high
CVE-2016-0174 high
CVE-2016-0175 warning
CVE-2016-0180 high
CVE-2016-0173 high
CVE-2016-0170 critical
CVE-2016-0171 high
CVE-2016-0190 warning
CVE-2016-0184 critical
CVE-2016-0169 warning
CVE-2016-0182 critical
CVE-2016-0178 critical
CVE-2016-0179 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/3141083
support.microsoft.com/kb/3150220
support.microsoft.com/kb/3153171
support.microsoft.com/kb/3153199
support.microsoft.com/kb/3153704
support.microsoft.com/kb/3155178
support.microsoft.com/kb/3155784
support.microsoft.com/kb/3156013
support.microsoft.com/kb/3156016
support.microsoft.com/kb/3156017
support.microsoft.com/kb/3156019
support.microsoft.com/kb/3156059
support.microsoft.com/kb/3156387
support.microsoft.com/kb/3156421
support.microsoft.com/kb/3158991
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0152
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0168
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0169
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0170
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0171
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0173
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0174
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0175
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0176
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0178
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0179
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0180
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0181
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0182
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0184
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0185
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0189
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0190
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0195
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0196
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2016-0197
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
Low
0.973 High
EPSS
Percentile
99.9%