7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
0.95 High
EPSS
Percentile
99.3%
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, gain privileges.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2018-0811 warning
CVE-2018-0813 warning
CVE-2018-0814 warning
CVE-2018-0815 high
CVE-2018-0816 high
CVE-2018-0817 high
CVE-2018-0868 high
CVE-2018-0878 warning
CVE-2018-0881 high
CVE-2018-0883 critical
CVE-2018-0885 high
CVE-2018-0886 critical
CVE-2018-0888 warning
CVE-2018-0894 warning
CVE-2018-0895 warning
CVE-2018-0896 warning
CVE-2018-0897 warning
CVE-2018-0898 warning
CVE-2018-0899 warning
CVE-2018-0900 warning
CVE-2018-0901 warning
CVE-2018-0904 warning
CVE-2018-0889 critical
CVE-2018-0891 warning
CVE-2018-0929 warning
CVE-2018-0935 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4056564
support.microsoft.com/kb/4073011
support.microsoft.com/kb/4087398
support.microsoft.com/kb/4088827
support.microsoft.com/kb/4088875
support.microsoft.com/kb/4088878
support.microsoft.com/kb/4089175
support.microsoft.com/kb/4089187
support.microsoft.com/kb/4089229
support.microsoft.com/kb/4089344
support.microsoft.com/kb/4089453
support.microsoft.com/kb/4103712
support.microsoft.com/kb/4103718
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0811
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0813
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0814
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0815
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0816
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0817
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0868
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0878
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0881
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0883
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0885
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0886
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0888
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0889
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0891
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0894
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0895
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0896
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0897
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0898
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0899
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0900
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0901
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0904
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0929
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-0935
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/ChakraCore/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
Low
0.95 High
EPSS
Percentile
99.3%