Remote Code Execution Vulnerability in Microsoft Malware Protection Engine
CVE-2018-0986

8.8HIGH

Key Information:

Vendor
Microsoft
Status
Windows Defender
Windows Intune Endpoint Protection
Microsoft Security Essentials
Microsoft System Center Endpoint Protection
Vendor
CVE Published:
4 April 2018

Summary

A remote code execution vulnerability occurs in the Microsoft Malware Protection Engine due to improper scanning of specially crafted files. This issue can lead to memory corruption, potentially allowing an attacker to execute arbitrary code on affected systems. The vulnerable software includes Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, and other Microsoft security products. It is crucial for users to apply timely updates and security patches to mitigate risks associated with this vulnerability.

Affected Version(s)

Microsoft Exchange Server 2013

Microsoft Exchange Server 2016

Microsoft Forefront Endpoint Protection 2010

References

http://www.securitytracker.com/id/1040631
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/103593
vdb-entryx_refsource_BID
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

EPSS Score

76% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.