10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.365 Low
EPSS
Percentile
97.2%
Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2020-17043 critical
CVE-2020-17069 high
CVE-2020-17087 critical
CVE-2020-17088 critical
CVE-2020-17045 high
CVE-2020-17051 critical
CVE-2020-17047 critical
CVE-2020-17042 critical
CVE-2020-1599 high
CVE-2020-17044 critical
CVE-2020-16997 critical
CVE-2020-17014 critical
CVE-2020-17038 critical
CVE-2020-17011 critical
CVE-2020-17029 high
CVE-2020-17000 high
CVE-2020-17001 critical
CVE-2020-17068 critical
CVE-2020-17036 high
CVE-2020-17004 high
CVE-2020-17049 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/4586805
support.microsoft.com/kb/4586807
support.microsoft.com/kb/4586817
support.microsoft.com/kb/4586827
support.microsoft.com/kb/5004289
support.microsoft.com/kb/5004299
support.microsoft.com/kb/5004305
support.microsoft.com/kb/5004307
nvd.nist.gov/vuln/detail/CVE-2020-1599
nvd.nist.gov/vuln/detail/CVE-2020-16997
nvd.nist.gov/vuln/detail/CVE-2020-17000
nvd.nist.gov/vuln/detail/CVE-2020-17001
nvd.nist.gov/vuln/detail/CVE-2020-17004
nvd.nist.gov/vuln/detail/CVE-2020-17011
nvd.nist.gov/vuln/detail/CVE-2020-17014
nvd.nist.gov/vuln/detail/CVE-2020-17029
nvd.nist.gov/vuln/detail/CVE-2020-17036
nvd.nist.gov/vuln/detail/CVE-2020-17038
nvd.nist.gov/vuln/detail/CVE-2020-17042
nvd.nist.gov/vuln/detail/CVE-2020-17043
nvd.nist.gov/vuln/detail/CVE-2020-17044
nvd.nist.gov/vuln/detail/CVE-2020-17045
nvd.nist.gov/vuln/detail/CVE-2020-17047
nvd.nist.gov/vuln/detail/CVE-2020-17051
nvd.nist.gov/vuln/detail/CVE-2020-17068
nvd.nist.gov/vuln/detail/CVE-2020-17069
nvd.nist.gov/vuln/detail/CVE-2020-17087
nvd.nist.gov/vuln/detail/CVE-2020-17088
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-17049
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.365 Low
EPSS
Percentile
97.2%