9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
10 High
AI Score
Confidence
Low
0.971 High
EPSS
Percentile
99.8%
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2019-1429 critical
CVE-2019-1390 critical
CVE-2019-1415 warning
CVE-2019-1411 warning
CVE-2019-0712 high
CVE-2019-1424 high
CVE-2019-1399 high
CVE-2019-1396 high
CVE-2019-1395 high
CVE-2019-1439 warning
CVE-2019-1454 warning
CVE-2018-12207 warning
CVE-2019-1406 critical
CVE-2019-1382 warning
CVE-2019-1391 warning
CVE-2019-11135 warning
CVE-2019-1394 high
CVE-2019-1434 high
CVE-2019-1433 high
CVE-2019-1418 warning
CVE-2019-1432 warning
CVE-2019-1409 warning
CVE-2019-1389 critical
CVE-2019-1393 high
CVE-2019-0719 critical
CVE-2019-1384 high
CVE-2019-1441 critical
CVE-2019-1419 high
CVE-2019-1408 high
CVE-2019-1456 high
CVE-2019-1412 warning
CVE-2019-1397 critical
CVE-2019-1388 high
CVE-2019-1405 high
CVE-2019-1438 high
CVE-2019-1435 high
CVE-2019-1422 warning
CVE-2019-1407 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/4516033
support.microsoft.com/kb/4516065
support.microsoft.com/kb/4519976
support.microsoft.com/kb/4520002
support.microsoft.com/kb/4520003
support.microsoft.com/kb/4520009
support.microsoft.com/kb/4525106
support.microsoft.com/kb/4525233
support.microsoft.com/kb/4525234
support.microsoft.com/kb/4525235
support.microsoft.com/kb/4525239
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2018-12207
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0712
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-0719
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-11135
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1382
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1384
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1388
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1389
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1390
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1391
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1393
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1394
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1395
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1396
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1397
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1399
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1405
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1406
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1407
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1408
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1409
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1411
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1412
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1415
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1418
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1419
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1422
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1424
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1429
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1432
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1433
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1434
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1435
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1438
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1439
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1441
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1454
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2019-1456
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
10 High
AI Score
Confidence
Low
0.971 High
EPSS
Percentile
99.8%