Searching
..

Click anywhere to stop

KLA11029
Multiple vulnerabilities in the Microsoft Malware Protection Engine

Updated: 01/22/2024
Detect date
?
05/09/2017
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Microsoft Malware Protection Engine. Malicious users can exploit these vulnerabilities to cause a denial of service and execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Multiple vulnerabilities related to an improper scanning leading to scan timeout can be exploited remotely via a specially designed file to cause a denial of service;
  2. Multiple vulnerabilities related to an improper scanning leading to memory corruption can be exploited remotely via a specially designed file to execute arbitrary code.

Technical details

To exploit all vulnerabilities, an attacker has to put a specially designed file to a directory scanned by the Microsoft Malware Protection Engine. It can be done via a website when it is being viewed by a user, via email message or an Instant Messenger message or a shared location.

Affected products

Microsoft Windows 7  Service Pack 1
Microsoft Windows 8.1
Microsoft Windows RT 8.1
Microsoft Windows 10 
Microsoft Windows Server 2008 Service Pack 2 
Microsoft Windows Server 2008 R2 Service Pack 1 
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016

Solution

Enterprise administrators or end users do not have to take any actions to install updates for Microsoft Malware Protection Engine because the update will be detected and applied automatically within 48 hours of release.

Original advisories

CVE-2017-8540
CVE-2017-8539
CVE-2017-8538
CVE-2017-8542
CVE-2017-8535
CVE-2017-8541
CVE-2017-8537
CVE-2017-8536
CVE-2017-8542
CVE-2017-8541
CVE-2017-8540
CVE-2017-8539
CVE-2017-8538
CVE-2017-8537
CVE-2017-8536
CVE-2017-8535

Impacts
?
ACE 
[?]

DoS 
[?]
Related products
Microsoft Windows 7
Microsoft Windows Server 2008
Windows RT
Microsoft Exchange Server
Microsoft Windows 10
CVE-IDS
?
CVE-2017-85424.3Warning
CVE-2017-85419.3Critical
CVE-2017-85409.3Critical
CVE-2017-85394.3Warning
CVE-2017-85389.3Critical
CVE-2017-85374.3Warning
CVE-2017-85364.3Warning
CVE-2017-85354.3Warning
Microsoft official advisories
Microsoft Security Update Guide
Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Find out the statistics of the vulnerabilities spreading in your region