CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
98.2%
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2018-0952 critical
CVE-2018-8405 critical
CVE-2018-8414 critical
CVE-2018-8345 critical
CVE-2018-8349 critical
CVE-2018-8401 critical
CVE-2018-8340 high
CVE-2018-8398 high
CVE-2018-8204 high
CVE-2018-8406 critical
CVE-2018-8348 warning
CVE-2018-8347 critical
CVE-2018-8339 high
CVE-2018-8343 critical
CVE-2018-8400 critical
CVE-2018-8394 high
CVE-2018-8350 critical
CVE-2018-8404 high
CVE-2018-8399 high
CVE-2018-8253 warning
CVE-2018-8341 warning
CVE-2018-8200 high
CVE-2018-8344 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4343885
support.microsoft.com/kb/4343887
support.microsoft.com/kb/4343888
support.microsoft.com/kb/4343892
support.microsoft.com/kb/4343896
support.microsoft.com/kb/4343897
support.microsoft.com/kb/4343898
support.microsoft.com/kb/4343901
support.microsoft.com/kb/4343909
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/ADV180018
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0952
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8200
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8204
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8253
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8339
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8340
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8341
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8343
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8344
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8345
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8347
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8348
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8349
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8350
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8394
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8398
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8399
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8400
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8401
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8404
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8405
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8406
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8414
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Visual-Studio/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
98.2%