CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
96.5%
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Microsoft-Office-Professional-Plus-2010
CVE-2018-8582 critical
CVE-2018-8558 warning
CVE-2018-8576 critical
CVE-2018-8568 warning
CVE-2018-8572 warning
CVE-2018-8522 critical
CVE-2018-8539 critical
CVE-2018-8546 warning
CVE-2018-8579 warning
CVE-2018-8573 critical
CVE-2018-8575 critical
CVE-2018-8574 critical
CVE-2018-8524 critical
CVE-2018-8578 warning
CVE-2018-8577 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/3114565
support.microsoft.com/kb/4011190
support.microsoft.com/kb/4022147
support.microsoft.com/kb/4022232
support.microsoft.com/kb/4022237
support.microsoft.com/kb/4032218
support.microsoft.com/kb/4092473
support.microsoft.com/kb/4461473
support.microsoft.com/kb/4461478
support.microsoft.com/kb/4461483
support.microsoft.com/kb/4461485
support.microsoft.com/kb/4461486
support.microsoft.com/kb/4461487
support.microsoft.com/kb/4461488
support.microsoft.com/kb/4461489
support.microsoft.com/kb/4461501
support.microsoft.com/kb/4461503
support.microsoft.com/kb/4461504
support.microsoft.com/kb/4461506
support.microsoft.com/kb/4461511
support.microsoft.com/kb/4461513
support.microsoft.com/kb/4461518
support.microsoft.com/kb/4461519
support.microsoft.com/kb/4461520
support.microsoft.com/kb/4461524
support.microsoft.com/kb/4461526
support.microsoft.com/kb/4461527
support.microsoft.com/kb/4461529
support.microsoft.com/kb/4461530
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8522
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8524
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8539
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8546
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8558
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8568
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8572
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8573
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8574
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8575
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8576
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8578
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8579
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Lync/
threats.kaspersky.com/en/product/Microsoft-Office-Access/
threats.kaspersky.com/en/product/Microsoft-Office-PowerPoint/
threats.kaspersky.com/en/product/Microsoft-Office-Professional-Plus-2010/
threats.kaspersky.com/en/product/Microsoft-Office-Visio-2007/
threats.kaspersky.com/en/product/Microsoft-Office-Visio/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
96.5%