27 matches found
CVE-2017-8540
CVE-2017-8540 affects Microsoft Malware Protection Engine (MMPE) across Forefront/Defender deployments. The weakness arises from a use-after-free in the garbage collection system managing JavaScript objects during scanning of specially crafted files, enabling memory corruption and potential remot...
CVE-2023-33156
The connected Nessus entry details a local elevation of privilege vulnerability in Microsoft Defender’s Malware Protection Engine, affecting installations prior to version 1.1.23050.3. The CVE is CVE-2023-33156. If exploited, this could allow privilege elevation on affected Windows hosts. The rem...
CVE-2021-42298
CVE-2021-42298: Microsoft Defender Remote Code Execution vulnerability affecting the Microsoft Defender/Malware Protection Engine. Exploitation can be initiated remotely without authentication, but requires user interaction for success. Some sources note a lack of public technical details or exp...
CVE-2022-24548
CVE-2022-24548 is a Microsoft Defender Denial of Service vulnerability. It affects the Malware Protection Engine in Windows Defender (remote/local context) and is tied to versions equal to or prior to 1.1.19100.5. The underlying cause, as described in multiple sources, is a flaw in how the produ...
CVE-2023-24860
CVE-2023-24860 describes a Denial-of-Service vulnerability in Microsoft Defender. The CVE affects the Microsoft Malware Protection Engine used by Windows Defender, with CVSS v3.1 metrics: Network attack vector, no user interaction, no privileges required, and an availability impact of High. The r...
CVE-2017-8541
CVE-2017-8541 concerns the Microsoft Malware Protection Engine (MMPE) remote code execution vulnerability. Multiple sources confirm MMPE fails to properly scan a specially crafted file, causing memory corruption and potentially arbitrary code execution. Exploitation indicators include exploits li...
CVE-2017-8538
CVE-2017-8538 concerns the Microsoft Malware Protection Engine (MMPE) used by Forefront and Defender on Windows platforms (Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold/R2, Windows RT 8.1, Windows 10 versions 1511–1703, Windows Server 2016, plus Microsoft Ex...
CVE-2021-34464
CVE-2021-34464 affects the Microsoft Windows Defender Malware Protection Engine (Windows Defender) and is a remote code execution vulnerability in that engine. The OpenVAS/Nessus entries describe multiple RCE vulnerabilities in the Defender/Malware Protection Engine, with exploitation leading to ...
CVE-2017-0290
CVE-2017-0290 affects the Microsoft Malware Protection Engine (mpengine) used by Forefront/Defender on Windows clients/servers. The flaw is a memory corruption vulnerability triggered when scanning a specially crafted file, enabling remote code execution. Affected products span Windows 7/8.1/10 a...
CVE-2023-23389
CVE-2023-23389 affects Microsoft Defender’s Malware Protection Engine. It is a local elevation-of-privilege vulnerability in Defender, exploitable by an authenticated user on affected systems. The issue exists in Malware Protection Engine versions prior to 1.1.20000.2 and can grant elevated privi...
CVE-2021-31985
CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability. The connected documents confirm this is a vulnerability in the Microsoft Defender/Malware Protection Engine with remote code execution potential. Patches were released as part of Microsoft’s June 2021 updates (MSRC guidance ...
CVE-2022-37971
CVE-2022-37971 is a Windows Defender elevation-of-privilege vulnerability in the Malware Protection Engine. It allows a local attacker with low privileges and no user interaction to potentially obtain SYSTEM-level privileges on the host. The CVSSv3.1 score is 7.1 (LP: local, IL: high, AI: high). ...
CVE-2021-34522
CVE-2021-34522 is a Microsoft Defender vulnerability in the Microsoft Malware Protection Engine used by Windows Defender. Reports describe it as a Remote Code Execution issue with a local attack vector and high impact on confidentiality, integrity, and availability. Exploitation is conditioned on...
CVE-2021-34471
CVE-2021-34471 is described across connected sources as a local privilege-escalation vulnerability in Microsoft Defender’s Malware Protection Engine (MPE)/Windows Defender. Some documents (e.g., NASL plugin) reference an affected MPE version prior to 1.1.18400.4 and cite insufficient access contr...
CVE-2021-31978
CVE-2021-31978 is a Denial of Service vulnerability in the Microsoft Defender Malware Protection Engine (Windows Defender) used by Microsoft Defender/Exchange of System Center products. The issue affects the Malware Protection Engine and can impact availability; exploitation is local and, per the...
CVE-2017-11937
The CVE-2017-11937 entry describes a remote code execution flaw in Microsoft Malware Protection Engine (MMPE), affecting Windows Defender/Forefront and related products across multiple Windows versions. The vulnerability arises when the MMPE fails to properly scan a specially crafted file, enabli...
CVE-2017-11940
CVE-2017-11940 / CVE-2017-11937 describe a remote code execution vulnerability in the Microsoft Malware Protection Engine (MMPE) used by Windows Defender/Endpoint Protection, Forefront, and related products. The issue stems from MMPE not properly scanning specially crafted files, which can lead t...
CVE-2017-8542
CVE-2017-8542 refers to a denial-of-service vulnerability in the Microsoft Malware Protection Engine (MMPE) used by Microsoft Defender/Forefront on Windows and Exchange Server variants. The issue arises when MMPE scans a specially crafted file, potentially causing the monitoring service to stop o...
CVE-2026-45584
CVE-2026-45584 describes a heap-based buffer overflow in Microsoft Defender that enables remote code execution over a network. The affected product is Microsoft Defender; the root cause is a heap overflow vulnerability, leading to potential arbitrary code execution on exposed systems. The CVSS ve...
CVE-2017-8539
CVE-2017-8539 concerns the Microsoft Malware Protection Engine (MMPE) running on Windows systems (various client and server SKUs) where the engine, when scanning specially crafted files, can fail to properly scan and cause a denial of service. The CVE is part of a set of related vulnerabilities (...
CVE-2008-1437
CVE-2008-1437 affects the Microsoft Malware Protection Engine (mpengine.dll) versions 1.1.3520.0 and 0.1.13.192 used in multiple Microsoft products. The vulnerability stems from the engine’s parsing of specially crafted files, involving improper validation during processing, which can cause the e...
CVE-2014-2779
CVE-2014-2779 affects the Microsoft Malware Protection Engine (MMPE) prior to version 1.1.10701.0. A crafted file can cause the MMPE to stop monitoring, leading to a denial of service (system hang). The vulnerability is exploitable remotely over the network. Mitigation is to update MMPE to versio...
CVE-2013-1346
CVE-2013-1346 affects Microsoft Malware Protection Engine (MMPE) on 64‑bit platforms. mpengine.dll prior to version 1.1.9506.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. Multiple feeds (Red Hat, NVD, CVE lists) consistent...
CVE-2006-5270
The CVE-2006-5270 issue is a remote code execution vulnerability in the Microsoft Malware Protection Engine (mpengine.dll) caused by an integer overflow when parsing PDF files. Affected products include Windows Live OneCare, Microsoft Antigen (Exchange 9.x and SMTP Gateway 9.x), Windows Defender ...
CVE-2008-1438
CVE-2008-1438 concerns the Microsoft Malware Protection Engine (mpengine.dll) (versions 1.1.3520.0 and 0.1.13.192) used in multiple Microsoft products. A denial-of-service exists when parsing certain files with “crafted data structures,” causing disk-space exhaustion and automatic engine restart....
CVE-2011-0037
CVE-2011-0037 affects Microsoft Malware Protection Engine (MMPE) prior to 1.1.6603.0, used in MSRT, Windows Defender, Security Essentials, Forefront products, and related tools. The vulnerability allows local privilege escalation through a crafted value of an unspecified user registry key. The do...
CVE-2026-41091
CVE-2026-41091 affects Microsoft Defender. It describes an improper link resolution before file access ("link following") vulnerability that lets an authorized local attacker elevate privileges. Based on the provided metadata, the exploit vector is LOCAL with LOW privileges required, no user inte...