9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.218 Low
EPSS
Percentile
96.5%
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2017-11934 warning
CVE-2017-11935 critical
CVE-2017-11936 high
CVE-2017-11939 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4011095
support.microsoft.com/kb/4011277
support.microsoft.com/kb/4011575
support.microsoft.com/kb/4011576
support.microsoft.com/kb/4011590
support.microsoft.com/kb/4011602
support.microsoft.com/kb/4011605
support.microsoft.com/kb/4011606
support.microsoft.com/kb/4011608
support.microsoft.com/kb/4011612
support.microsoft.com/kb/4011614
support.microsoft.com/kb/4011627
support.microsoft.com/kb/4011639
support.microsoft.com/kb/4011660
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170021
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11934
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11935
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11936
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11939
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
threats.kaspersky.com/en/product/Microsoft-Word/
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.218 Low
EPSS
Percentile
96.5%