9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.592 Medium
EPSS
Percentile
97.8%
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, spoof user interface, cause denial of service.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2017-8728 critical
CVE-2017-8737 critical
CVE-2017-8675 high
CVE-2017-8676 warning
CVE-2017-8713 warning
CVE-2017-8714 high
CVE-2017-8716 warning
CVE-2017-8719 warning
CVE-2017-8720 high
CVE-2017-0161 high
CVE-2017-8628 warning
CVE-2017-8677 warning
CVE-2017-8678 warning
CVE-2017-8679 warning
CVE-2017-8680 warning
CVE-2017-8681 warning
CVE-2017-8682 critical
CVE-2017-8683 warning
CVE-2017-8684 warning
CVE-2017-8686 critical
CVE-2017-8687 warning
CVE-2017-8688 warning
CVE-2017-8692 critical
CVE-2017-8695 warning
CVE-2017-8699 critical
CVE-2017-8702 warning
CVE-2017-8704 warning
CVE-2017-8706 warning
CVE-2017-8707 warning
CVE-2017-8708 warning
CVE-2017-8709 warning
CVE-2017-8711 warning
CVE-2017-8712 warning
CVE-2017-8746 warning
CVE-2017-9417 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4025333
support.microsoft.com/kb/4038781
support.microsoft.com/kb/4038782
support.microsoft.com/kb/4038783
support.microsoft.com/kb/4038786
support.microsoft.com/kb/4038788
support.microsoft.com/kb/4038792
support.microsoft.com/kb/4038793
support.microsoft.com/kb/4038799
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-0161
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8628
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8675
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8676
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8677
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8678
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8679
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8680
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8681
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8682
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8683
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8684
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8686
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8687
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8688
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8692
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8695
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8699
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8702
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8704
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8706
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8707
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8708
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8709
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8711
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8712
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8713
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8714
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8716
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8719
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8720
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8728
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8737
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-8746
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2017-9417
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Microsoft-Word/
threats.kaspersky.com/en/product/Windows-RT/
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.592 Medium
EPSS
Percentile
97.8%