9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.955 High
EPSS
Percentile
99.4%
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2021-34497 high
CVE-2021-34444 high
CVE-2021-34504 critical
CVE-2021-34456 critical
CVE-2021-33788 critical
CVE-2021-34494 critical
CVE-2021-34446 critical
CVE-2021-31183 critical
CVE-2021-33745 high
CVE-2021-34440 high
CVE-2021-33749 critical
CVE-2021-33764 high
CVE-2021-33757 high
CVE-2021-34441 critical
CVE-2021-34507 high
CVE-2021-34516 critical
CVE-2021-33780 critical
CVE-2021-34476 critical
CVE-2021-34511 critical
CVE-2021-34500 high
CVE-2021-34496 high
CVE-2021-33783 high
CVE-2021-34492 critical
CVE-2021-34442 critical
CVE-2021-33765 high
CVE-2021-33786 critical
CVE-2021-33754 critical
CVE-2021-33752 critical
CVE-2021-33750 critical
CVE-2021-31979 critical
CVE-2021-33756 critical
CVE-2021-34448 high
CVE-2021-34499 high
CVE-2021-34457 high
CVE-2021-33746 critical
CVE-2021-34498 critical
CVE-2021-34447 high
CVE-2021-33782 high
CVE-2021-34514 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/5004289
support.microsoft.com/kb/5004299
support.microsoft.com/kb/5004305
support.microsoft.com/kb/5004307
support.microsoft.com/kb/5005563
support.microsoft.com/kb/5010384
support.microsoft.com/kb/5010403
support.microsoft.com/kb/5010404
support.microsoft.com/kb/5010422
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31183
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-31979
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33745
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33746
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33749
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33750
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33752
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33754
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33756
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33757
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33764
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33765
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33780
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33782
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33783
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33786
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-33788
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34440
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34441
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34442
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34444
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34446
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34447
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34448
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34456
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34457
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34476
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34492
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34494
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34496
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34497
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34498
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34499
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34500
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34504
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34507
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34511
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34514
api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-34516
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-8/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
threats.kaspersky.com/en/product/Windows-RT/
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.955 High
EPSS
Percentile
99.4%