Remote Code Execution Vulnerability in Microsoft Malware Protection Engine
CVE-2017-0290
Key Information:
- Vendor
- Microsoft
- Vendor
- CVE Published:
- 9 May 2017
Badges
Summary
The Microsoft Malware Protection Engine, utilized by Microsoft Defender and Forefront, has a flaw that fails to effectively scan specially crafted files. This can result in memory corruption, allowing attackers to execute arbitrary code on affected systems. The vulnerability impacts various versions of Windows, posing a significant risk to users and organizations reliant on these products for security.
Affected Version(s)
Microsoft Malware Protection Engine Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
90% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved