CVE-2017-0290: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1…

high7.8CVSS 3.0

AVLACLPRNUIRSUCHIHAH

EXPLOIT

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability."

Affected

20 ranges

Vendor	Product	Version range	Fixed in
microsoft	malware_protection_engine	<= 1.1.13701.0	—
microsoft_corporation	microsoft_malware_protection_engine	—	—
msrc	microsoft_forefront_endpoint_protection_2010	—	—
msrc	microsoft_forefront_security_for_sharepoint_service_pack_3	—	—
msrc	microsoft_security_essentials	—	—
msrc	windows_defender_on_windows_10_for_32-bit_systems	—	—
msrc	windows_defender_on_windows_10_for_x64-based_systems	—	—
msrc	windows_defender_on_windows_10_version_1511_for_32-bit_systems	—	—
msrc	windows_defender_on_windows_10_version_1511_for_x64-based_systems	—	—
msrc	windows_defender_on_windows_10_version_1607_for_32-bit_systems	—	—
msrc	windows_defender_on_windows_10_version_1607_for_x64-based_systems	—	—
msrc	windows_defender_on_windows_10_version_1703_for_32-bit_systems	—	—
msrc	windows_defender_on_windows_10_version_1703_for_x64-based_systems	—	—
msrc	windows_defender_on_windows_7_for_32-bit_systems_service_pack_1	—	—
msrc	windows_defender_on_windows_7_for_x64-based_systems_service_pack_1	—	—
msrc	windows_defender_on_windows_8.1_for_32-bit_systems	—	—
msrc	windows_defender_on_windows_8.1_for_x64-based_systems	—	—
msrc	windows_defender_on_windows_rt_8.1	—	—
msrc	windows_defender_on_windows_server_2016	—	—
msrc	windows_intune_endpoint_protection	—	—