CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.2%
Multiple serious vulnerabilities have been found in Microsoft Edge and Internet Explorer. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information.
Public exploits exist for this vulnerability.
CVE-2017-11791 warning
CVE-2017-11803 warning
CVE-2017-11827 critical
CVE-2017-11833 warning
CVE-2017-11834 warning
CVE-2017-11836 critical
CVE-2017-11837 critical
CVE-2017-11838 critical
CVE-2017-11839 critical
CVE-2017-11840 critical
CVE-2017-11841 critical
CVE-2017-11843 critical
CVE-2017-11844 warning
CVE-2017-11845 critical
CVE-2017-11846 critical
CVE-2017-11848 warning
CVE-2017-11855 critical
CVE-2017-11856 critical
CVE-2017-11858 critical
CVE-2017-11861 critical
CVE-2017-11862 critical
CVE-2017-11863 warning
CVE-2017-11866 critical
CVE-2017-11869 critical
CVE-2017-11870 critical
CVE-2017-11871 critical
CVE-2017-11872 warning
CVE-2017-11873 critical
CVE-2017-11874 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4042895
support.microsoft.com/kb/4047206
support.microsoft.com/kb/4048952
support.microsoft.com/kb/4048953
support.microsoft.com/kb/4048954
support.microsoft.com/kb/4048955
support.microsoft.com/kb/4048956
support.microsoft.com/kb/4048957
support.microsoft.com/kb/4048958
support.microsoft.com/kb/4048959
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11791
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11803
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11827
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11833
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11834
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11836
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11837
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11838
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11839
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11840
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11841
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11843
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11844
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11845
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11846
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11848
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11855
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11856
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11858
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11861
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11862
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11863
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11866
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11869
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11870
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11871
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11872
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11873
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11874
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.2%