214 matches found
CVE-2017-11937
The CVE-2017-11937 entry describes a remote code execution flaw in Microsoft Malware Protection Engine (MMPE), affecting Windows Defender/Forefront and related products across multiple Windows versions. The vulnerability arises when the MMPE fails to properly scan a specially crafted file, enabli...
CVE-2017-11937
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properl...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability (CNVD-2018-00255)
Microsoft Endpoint Protection and others are products of Microsoft Corporation, U.S.A. Microsoft Endpoint Protection is a free antivirus program; Windows Defender is a suite of antivirus programs used to remove, quarantine and prevent spyware. Malware Protection Engine is one of the malware...
Microsoft Releases Security Updates for its Malware Protection Engine
Microsoft has released updates to address a vulnerability in Microsoft Malware Protection Engine affecting multiple products. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review Microsoft's Advisory and...
Microsoft Malware Protection Engine RCE Vulnerability (Jul 2017)
malware protection engine is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Security Essentials RCE Vulnerability (Jul 2017)
Security Essentials is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Remote code execution
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703 does not properly sc...
CVE-2017-8558
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703 does not properly sc...
CVE-2017-8558
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703 does not properly sc...
CVE-2017-8558
CVE-2017-8558 affects the Microsoft Malware Protection Engine used by Forefront/Defender on Windows platforms (32‑bit). The vulnerability arises when scanning specially crafted files, leading to memory corruption and remote code execution. Public evidence in multiple feeds confirms this as a remo...
CVE-2017-8558
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703 does not properly sc...
Another RCE Vulnerability Patched in Microsoft Malware Protection Engine
Google Project Zero continues to scrape away at the ubiquitous Microsoft Malware Protection Engine at the core of many security products embedded in Windows, and it continues to discover new critical vulnerabilities. The latest, another remote code execution flaw, was patched on Friday after it w...
Microsoft Malware Protection Engine VFS API Remote Code Execution (CVE-2017-8558)
A memory corruption vulnerability has been reported in Microsoft Malware Protection Engine. A remote attacker can exploit this issue by enticing a target user to open a specially crafted file. A successful exploitation could lead to arbitrary code execution...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
Microsoft Malware Protection Engine is a Microsoft malicious program protection engine. Microsoft Malware Protection Engine has a security vulnerability in its implementation that allows remote attackers to exploit the vulnerability to submit special requests and execute arbitrary code...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
KLA11057 Arbitrary code execution vulnerability in Microsoft Malware Protection Engine
An improper scanning of specially designed files was found in Microsoft Malware Protection Engine in Microsoft Windows. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely by putting a specially designed file to a directory...
Microsoft Malware Protection Engine < 1.1.13903 RCE
The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.13903.0. It is, therefore, affected by a remote code execution vulnerability due to improper handling of files during scanning. An unauthenticated, remote attacker can exploit this, via a...
Microsoft Malware Protection Engine on Windows Defender Multiple Vulnerabilities
This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 05-25-2017 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Microsoft Malware Protection Engine Denial of Service Vulnerability (CNVD-2017-09500)
Microsoft Windows is a series of operating systems released by Microsoft, Microsoft Forefront is a set of enterprise-oriented server security features applied to it.Microsoft Defender is an antivirus software applied to it. A denial of service vulnerability exists in Microsoft Forefront and...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability (CNVD-2017-09503)
Microsoft Windows is a series of operating systems released by Microsoft, Microsoft Forefront is a set of enterprise-oriented server security features applied to it.Microsoft Defender is an antivirus software applied to it. A remote code execution vulnerability exists in Microsoft Forefront and...