CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
98.8%
Multiple vulnerabilities were found in Microsoft Products (Eextended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2018-8385 critical
CVE-2018-8353 critical
CVE-2018-8389 critical
CVE-2018-8371 critical
CVE-2018-8373 critical
CVE-2018-8345 critical
CVE-2018-8349 critical
CVE-2018-8398 warning
CVE-2018-8348 warning
CVE-2018-8339 high
CVE-2018-8343 high
CVE-2018-8394 warning
CVE-2018-8346 critical
CVE-2018-8404 high
CVE-2018-8397 critical
CVE-2018-8396 warning
CVE-2018-8341 warning
CVE-2018-8342 high
CVE-2018-8344 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4338380
support.microsoft.com/kb/4340937
support.microsoft.com/kb/4340939
support.microsoft.com/kb/4341832
support.microsoft.com/kb/4343205
support.microsoft.com/kb/4343674
support.microsoft.com/kb/4343899
support.microsoft.com/kb/4343900
support.microsoft.com/kb/4344104
support.microsoft.com/kb/4457984
support.microsoft.com/kb/4458010
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/ADV180018
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8339
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8341
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8342
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8343
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8344
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8345
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8346
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8348
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8349
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8353
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8371
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8373
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8385
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8389
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8394
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8396
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8397
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8398
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-8404
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/ChakraCore/
threats.kaspersky.com/en/product/Microsoft-Edge/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
98.8%