Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Microsoft Malware Protection Engine on Windows Defender RCE Vulnerability - Apr 2018
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 03-04-2018
Insight
Insight
The flaw exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption.
Affected Software
Affected Software
Microsoft Windows 10 x32/x64 Microsoft Windows 8.1 x32/x64 Microsoft Windows Server 2012 Microsoft Windows 7 SP1 x32/x64 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 x64 Microsoft Windows Server 2008 R2 SP1 x64 Microsoft Windows 10 Version 1703 x32/x64 Microsoft Windows 10 Version 1709 x32/x64 Microsoft Windows 10 Version 1511 x32/x64 Microsoft Windows 10 Version 1607 x32/x64
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Run the Windows Update to update the malware protection engine to the latest version available. Typically, no action is required as the built-in mechanism for the automatic detection and deployment of updates will apply the update itself.