CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.3%
Multiple vulnerabilities were found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2018-0872 critical
CVE-2018-0873 critical
CVE-2018-0874 critical
CVE-2018-0876 critical
CVE-2018-0879 warning
CVE-2018-0889 critical
CVE-2018-0891 warning
CVE-2018-0893 critical
CVE-2018-0927 warning
CVE-2018-0929 warning
CVE-2018-0930 critical
CVE-2018-0931 critical
CVE-2018-0932 warning
CVE-2018-0933 critical
CVE-2018-0934 critical
CVE-2018-0935 critical
CVE-2018-0936 critical
CVE-2018-0937 critical
CVE-2018-0939 warning
CVE-2018-0942 warning
CVE-2018-0925 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4088776
support.microsoft.com/kb/4088779
support.microsoft.com/kb/4088782
support.microsoft.com/kb/4088786
support.microsoft.com/kb/4088787
support.microsoft.com/kb/4088875
support.microsoft.com/kb/4088876
support.microsoft.com/kb/4088877
support.microsoft.com/kb/4089187
support.microsoft.com/kb/4096040
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0872
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0873
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0874
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0876
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0879
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0889
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0891
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0893
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0925
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0927
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0929
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0930
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0931
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0932
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0933
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0934
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0935
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0936
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0937
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0939
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0942
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/ChakraCore/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.3%