CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.8%
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
The following public exploits exists for this vulnerability:
https://www.exploit-db.com/exploits/41623
https://www.exploit-db.com/exploits/43125
https://www.exploit-db.com/exploits/41454
https://www.exploit-db.com/exploits/42354
https://www.exploit-db.com/exploits/43125
https://www.exploit-db.com/exploits/41661
CVE-2017-0065 warning
CVE-2017-0066 warning
CVE-2017-0067 unknown
CVE-2017-0068 warning
CVE-2017-0069 warning
CVE-2017-0070 unknown
CVE-2017-0071 unknown
CVE-2017-0094 unknown
CVE-2017-0037 critical
CVE-2017-0131 unknown
CVE-2017-0132 unknown
CVE-2017-0133 unknown
CVE-2017-0134 unknown
CVE-2017-0135 warning
CVE-2017-0136 unknown
CVE-2017-0137 unknown
CVE-2017-0138 unknown
CVE-2017-0140 warning
CVE-2017-0141 unknown
CVE-2017-0150 unknown
CVE-2017-0151 unknown
CVE-2017-0009 warning
CVE-2017-0010 unknown
CVE-2017-0011 warning
CVE-2017-0012 warning
CVE-2017-0015 unknown
CVE-2017-0017 warning
CVE-2017-0023 critical
CVE-2017-0032 unknown
CVE-2017-0033 warning
CVE-2017-0034 unknown
CVE-2017-0035 unknown
CVE-2017-0049 warning
CVE-2017-0059 warning
CVE-2017-0130 critical
CVE-2017-0149 critical
CVE-2017-0154 high
CVE-2017-0008 warning
CVE-2017-0018 critical
CVE-2017-0040 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4012204
support.microsoft.com/kb/4012215
support.microsoft.com/kb/4012216
support.microsoft.com/kb/4012217
support.microsoft.com/kb/4012606
support.microsoft.com/kb/4013198
support.microsoft.com/kb/4013429
support.microsoft.com/kb/4025338
support.microsoft.com/kb/4025339
support.microsoft.com/kb/4025342
support.microsoft.com/kb/4025344
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0008
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0009
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0010
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0011
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0012
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0015
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0017
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0018
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0023
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0032
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0033
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0034
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0035
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0037
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0040
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0049
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0059
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0065
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0066
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0067
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0068
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0069
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0070
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0071
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0094
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0130
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0131
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0132
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0133
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0134
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0135
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0136
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0137
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0138
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0140
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0141
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0149
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0150
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0151
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0154
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
www.exploit-db.com/exploits/41454
www.exploit-db.com/exploits/41623
www.exploit-db.com/exploits/41661
www.exploit-db.com/exploits/42354
www.exploit-db.com/exploits/43125
www.exploit-db.com/exploits/43125
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.8%