193 matches found
Windows Defender <= 1.1.26050.11 Elevation of Privilege (RoguePlanet) (CVE-2026-50656)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to or equal to 1.1.26050.11. It is, therefore, affected by an elevation of privilege vulnerability: - Improper link resolution before file access 'link following' in Microsoft Defende...
Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became public. The vulnerability, tracked as CVE-2026-50656 CVSS score: 7.8, is a privilege escalation issue in the Microsoft Malware Protection Engine "mpengine.dll...
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 CVSS score: 7.8, with the tech giant describing it as a privilege escalation flaw. "Microsoft is...
CVE-2026-50656
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet "...
Microsoft Defender Elevation of Privilege Vulnerability
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet "...
Security Update for Windows Defender (May 2026) (CVE-2026-41091)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to 1.1.26040.8. It is, therefore, affected by a privilege escalation vulnerability: - Improper link resolution before file access 'link following' in Microsoft Defender allows an...
📄 Microsoft Malware Protection Engine Type Confusion
Microsoft Malware Protection Engine type confusion vulnerability proof of concept exploit for an older vulnerability from 2017. ================================================================================================================================== | Title : Microsoft Malware Protection...
EUVD-2011-0063
Malware in sbrugna...
EUVD-2017-17487
Malware in sbrugna...
EUVD-2017-17485
Malware in sbrugna...
CVE-2013-1346
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted file...
Security Updates for Windows Defender (November 2023)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to 4.18.23100.2009. It is, therefore, affected by a privilege escalation vulnerability. An authenticated attacker can exploit this to gain elevated privileges. Note that Nessus has no...
Security Updates for Windows Defender (July 2023)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to 1.1.23050.3. It is, therefore, affected by an elevation of privilege vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's...
KLA50772 PE vulnerability in Microsoft System Center
An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2023-33156 Related products Windows-Defender CVE list CVE-2023-33156 high KB list Solution Install necessary updates from the KB...
PT-2023-2750 · Microsoft · Malware Protection Engine +1
Name of the Vulnerable Software and Affected Versions: Microsoft Malware Protection Engine MPE affected versions not specified Microsoft Defender affected versions not specified Description: The issue is related to a lack of protection for service data in the Microsoft Malware Protection Engine...
Security Updates for Windows Defender (April 2023)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to 1.1.20200.4. It is, therefore, affected by a denial of service vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's...
KLA48556 PE vulnerability in Microsoft System Center
An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2023-23389 Related products Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2023-23389 high KB list Solution Install...
PT-2023-1779 · Microsoft · Defender
Name of the Vulnerable Software and Affected Versions: Microsoft Defender affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in Microsoft Defender. It is caused by synchronization errors when using a shared resource in the Microsoft Malwar...
PT-2022-5633 · Microsoft · Malware Protection Engine +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Defender affected versions not specified Description: The issue is related to the Microsoft Malware Protection Engine MPE and is associated with insufficient access control. Exploitation of this issue may allow an attacker t...
KLA20003 PE vulnerability in Microsoft System Center
An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2022-37971 Related products Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2022-37971 high KB list Solution Install...