CVE-2017-11937 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Malware Protection Engine
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents5 sources
Severity
7.8HIGHNVD
EPSS
48.4%
top 2.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 7
Latest updateMay 14
Description
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages2 packages
▶CVEListV5microsoft_corporation/microsoft_malware_protection_engineMicrosoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016.
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-pp2v-f23g-qjhq: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8↗2022-05-14
CVEList▶
CVE-2017-11937: The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8↗2017-12-07