214 matches found
Microsoft Releases Security Update
Microsoft has released a security update to address a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the Microsoft Security Advisory and apply t...
Microsoft Malware Protection Engine < 1.1.14700.5 RCE
The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.14700.5. It is, therefore, affected by a remote code execution vulnerability which could allow an attacker who successfully exploited this vulnerability to execute arbitrary code in the...
Microsoft Malware Protection Engine on Windows Defender RCE Vulnerability (Apr 2018)
This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 03-04-2018 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Patch Tuesday, December 2017 Edition
The final Patch Tuesday of the year is upon us, with Adobe and Microsoft each issuing security updates for their software once again. Redmond fixed problems with various flavors of Windows, Microsoft Edge, Office, Exchange and its Malware Protection Engine. And of course Adobe's got another...
December Patch Tuesday: Quiet End to the Year
This December Patch Tuesday is considerably lighter than last month’s patch releases. While only three of the fixes were for Windows operating systems, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine-based. Overall, this month's updates address are fixes for 3...
Microsoft December Patch Tuesday Update Fixes Six Critical Bugs
Microsoft patched 34 vulnerabilities that are part of its December Patch Tuesday release. A total of 20 vulnerabilities were rated critical and another 12 were rated important. Impacted are Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, SharePoint and Exchange. Notable...
Multiple Microsoft Products Malware Protection Engine Remote Code Execution Vulnerability
Microsoft Endpoint Protection and others are products of Microsoft Corporation, U.S.A. Microsoft Endpoint Protection is a free antivirus program; Windows Defender is a suite of antivirus programs used to remove, quarantine and prevent spyware. Malware Protection Engine is one of the malware...
CVE-2017-11940
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
CVE-2017-11940
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
CVE-2017-11940
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
CVE-2017-11940
CVE-2017-11940 / CVE-2017-11937 describe a remote code execution vulnerability in the Microsoft Malware Protection Engine (MMPE) used by Windows Defender/Endpoint Protection, Forefront, and related products. The issue stems from MMPE not properly scanning specially crafted files, which can lead t...
CVE-2017-11940
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
Microsoft Malware Protection Engine on Windows Defender Multiple RCE Vulnerabilities (Dec 2017)
This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 12/06/2017 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Microsoft Malware Protection Engine < 1.1.14405.2 RCE
The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.14405.2. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has checked if a vulnerable version of MMPE is being used by any of the following application...
Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability
Microsoft has just released an emergency security patch to address a critical remote code execution RCE vulnerability in its Malware Protection Engine MPE that could allow an attacker to take full control of a victim's PC. Enabled by default, Microsoft Malware Protection Engine offers the core...
CVE-2017-11937
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
Remote code execution
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
CVE-2017-11937
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
CVE-2017-11937
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...