7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.973 High
EPSS
Percentile
99.9%
Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information and bypass security restrictions.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
CVE-2017-0065 warning
CVE-2017-0066 warning
CVE-2017-0067 critical
CVE-2017-0068 warning
CVE-2017-0069 warning
CVE-2017-0070 critical
CVE-2017-0071 critical
CVE-2017-0094 critical
CVE-2017-0037 critical
CVE-2017-0131 critical
CVE-2017-0132 critical
CVE-2017-0133 critical
CVE-2017-0134 critical
CVE-2017-0135 warning
CVE-2017-0136 critical
CVE-2017-0137 critical
CVE-2017-0138 critical
CVE-2017-0140 warning
CVE-2017-0141 critical
CVE-2017-0150 critical
CVE-2017-0151 critical
CVE-2017-0009 warning
CVE-2017-0010 critical
CVE-2017-0011 warning
CVE-2017-0012 warning
CVE-2017-0015 critical
CVE-2017-0017 warning
CVE-2017-0023 critical
CVE-2017-0032 critical
CVE-2017-0033 warning
CVE-2017-0034 critical
CVE-2017-0035 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4012606
support.microsoft.com/kb/4013198
support.microsoft.com/kb/4013429
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0009
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0010
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0011
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0012
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0015
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0017
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0023
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0032
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0033
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0034
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0035
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0037
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0065
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0066
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0067
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0068
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0069
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0070
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0071
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0094
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0131
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0132
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0133
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0134
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0135
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0136
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0137
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0138
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0140
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0141
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0150
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0151
statistics.securelist.com/
technet.microsoft.com/library/security/MS17-007
threats.kaspersky.com/en/product/Microsoft-Edge/
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.973 High
EPSS
Percentile
99.9%