CVE-2018-0986

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Windows Defender; Windows Intune Endpoint Protection; Microsoft Security Essentials; Microsoft System Center Endpoint Protection
Vendor: CVE Published:; 4 April 2018

Summary

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

Affected Version(s)

Microsoft Exchange Server 2013

Microsoft Exchange Server 2016

Microsoft Forefront Endpoint Protection 2010

References

http://www.securitytracker.com/id/1040631

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/103593

vdb-entryx_refsource_BID

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_CONFIRM

EPSS Score

89% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 4, 2018
Vulnerability Reserved
Dec 1, 2017

Collectors

NVD DatabaseMitre Database