CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
95.3%
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2020-1064 critical
CVE-2020-1062 critical
CVE-2020-1060 critical
CVE-2020-1058 critical
CVE-2020-1093 critical
CVE-2020-1092 critical
CVE-2020-1035 critical
CVE-2020-1048 high
CVE-2020-0963 warning
CVE-2020-1112 critical
CVE-2020-1179 warning
CVE-2020-0909 warning
CVE-2020-1174 critical
CVE-2020-1113 critical
CVE-2020-1176 critical
CVE-2020-1116 warning
CVE-2020-1114 high
CVE-2020-1071 high
CVE-2020-1070 high
CVE-2020-1072 warning
CVE-2020-1078 warning
CVE-2020-1054 high
CVE-2020-1143 high
CVE-2020-1067 critical
CVE-2020-1051 critical
CVE-2020-1154 high
CVE-2020-1153 critical
CVE-2020-1141 warning
CVE-2020-1061 critical
CVE-2020-1175 critical
CVE-2020-1081 high
CVE-2020-1010 high
CVE-2020-1150 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4556798
support.microsoft.com/kb/4556836
support.microsoft.com/kb/4556843
support.microsoft.com/kb/4556854
support.microsoft.com/kb/4556860
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-0909
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-0963
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1010
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1035
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1048
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1051
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1054
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1058
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1060
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1061
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1062
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1064
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1067
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1070
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1071
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1072
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1078
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1081
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1092
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1093
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1112
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1113
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1114
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1116
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1141
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1143
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1150
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1153
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1154
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1174
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1175
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1176
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-1179
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
95.3%