Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow elevation of privilege, due to how Internet Explorer handles zone and integrity settings, aka "Internet Explorer Elevation of Privilege Vulnerability".
Conclusion & alert: CVE-2018-0942 is rated Moderate Risk (40.8/100): CVSS Low severity, with medium exploitation likelihood (EPSS 3.21%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-19 | 3.12% | 3.21% | +0.09% |
| 2 | 2026-06-15 | 1.89% | 3.12% | +1.23% |
| 3 | 2025-12-04 | — | 1.89% | — |
Full EPSS history (14 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 2.6 | 3.0 | LOW |
|
1.0 | 1.4 | [email protected] |
| 2.1 | 2.0 | LOW |
|
3.9 | 2.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| microsoft | internet_explorer | 11 | cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/103312 | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1040510 | Third Party Advisory VDB Entry |
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0942 | Patch Vendor Advisory |