6 matches found
CVE-2017-8540
CVE-2017-8540 affects Microsoft Malware Protection Engine (MMPE) across Forefront/Defender deployments. The weakness arises from a use-after-free in the garbage collection system managing JavaScript objects during scanning of specially crafted files, enabling memory corruption and potential remot...
CVE-2021-24092
CVE-2021-24092 is a Microsoft Defender elevation-of-privilege vulnerability affecting Windows Defender. The connected sources confirm a local, low-privilege attacker could achieve higher privileges (CVE-2021-24092), with a CVSSv3 base score of 7.8 (HIGH) and a local attack vector. Public records ...
CVE-2017-8537
CVE-2017-8537 describes a denial-of-service vulnerability in the Microsoft Malware Protection Engine (MMPE) used with Microsoft Forefront and Microsoft Defender across a range of Windows client/server platforms. The issue arises from MMPE failing to properly scan specially crafted files, which ca...
CVE-2017-8558
CVE-2017-8558 affects the Microsoft Malware Protection Engine used by Forefront/Defender on Windows platforms (32‑bit). The vulnerability arises when scanning specially crafted files, leading to memory corruption and remote code execution. Public evidence in multiple feeds confirms this as a remo...
CVE-2017-8535
CVE-2017-8535 affects Microsoft Malware Protection Engine used by Forefront/Defender on Windows platforms. The vulnerability stems from improper scanning of specially crafted files, causing a denial of service. Connected sources also describe similar issues (CVE-2017-8536/7/9/42) in MMPE. Mitigat...
CVE-2017-8536
CVE-2017-8536 is a denial-of-service vulnerability in Microsoft Malware Protection Engine (MMPE) that affects MMPE running on multiple Windows versions and related Microsoft products (Forefront/ Defender). The issue stems from the engine failing to properly scan specially crafted files, which cou...