CVE-2017-0290

🗓️ 09 May 2017 06:03:00Reported by microsoftType

Microsoft Malware Protection Engine Remote Code Execution Vulnerability in Microsoft product

Reporter	Title	Published	Views	Family All 26
0day.today	Microsoft Windows 8 / 8.1 / 10 / Windows Server / SCEP, Microsoft Security Essentials - MsMpEng Remo	9 May 201700:00	–	zdt
Circl	CVE-2017-0290	9 May 201700:00	–	circl
CNVD	Microsoft Malware Protection Engine Remote Code Execution Vulnerability	9 May 201700:00	–	cnvd
Check Point Advisories	Microsoft Malware Protection Engine Type Confusion Remote Code Execution (CVE-2017-0290)	9 May 201700:00	–	checkpoint_advisories
Cvelist	CVE-2017-0290	9 May 201706:03	–	cvelist
Kaspersky	KLA11012 Remote code execution vulnerability in the Microsoft Malware Protection Engine	9 May 201700:00	–	kaspersky
Kaspersky	KLA11836 ACE vulnerability in Microsoft System Center	8 May 201700:00	–	kaspersky
Microsoft CVE	Microsoft Malware Protection Engine Remote Code Execution Vulnerability	8 May 201707:00	–	mscve
NVD	CVE-2017-0290	9 May 201706:29	–	nvd
OpenVAS	Microsoft Malware Protection Engine RCE Vulnerability (4022344)	10 May 201700:00	–	openvas

NVD

Node

microsoft forefront_securityMatch-

microsoft malware_protection_engineRange≤1.1.13701.0

microsoft windows_defenderMatch-

AND

microsoft windows_10Match-

microsoft windows_10Match1511

microsoft windows_10Match1607

microsoft windows_10Match1703

microsoft windows_7Match-sp1

microsoft windows_8.1

microsoft windows_rt_8.1Match-

microsoft windows_server_2008Match-sp2

microsoft windows_server_2008Matchr2sp1

microsoft windows_server_2012Match-gold

microsoft windows_server_2012Matchr2

microsoft windows_server_2016Match-

[
  {
    "product": "Microsoft Malware Protection Engine",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016"
      }
    ]
  }
]

Source	Link
exploit-db	www.exploit-db.com/exploits/41975/
securitytracker	www.securitytracker.com/id/1038420
twitter	www.twitter.com/natashenka/status/861748397409058816
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0290
bugs	www.bugs.chromium.org/p/project-zero/issues/detail
technet	www.technet.microsoft.com/library/security/4022344
securityfocus	www.securityfocus.com/bid/98330
arstechnica	www.arstechnica.com/information-technology/2017/05/windows-defender-nscript-remote-vulnerability/
securitytracker	www.securitytracker.com/id/1038419
0patch	www.0patch.blogspot.si/2017/05/0patching-worst-windows-remote-code.html

13 May 2026 00:24Current

7.6High risk

Vulners AI Score7.6

CVSS 37.8

CVSS 29.3

EPSS0.87143

CWE-119