CVE-2018-0986

Published: 04/04/2018 Updated: 09/09/2021
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

Vulnerable Product

microsoft exchange server 2013

microsoft exchange server 2016

microsoft security essentials -

microsoft forefront endpoint protection 2010 -

microsoft intune endpoint protection -

microsoft system center endpoint protection

microsoft system center endpoint protection 2012

microsoft windows_defender -

Exploits

Windows Defender inspects a variety of different archive formats, among others RAR. Inspection of mpengine.dll revealed that the code responsible for processing RAR archives appears to be a forked and modified version of the original unrar code; given that it still processes the VMSF_UPCASE filter (which was removed in unrar 5.0), it seems that th ...

Recent Articles

It's April 2018 – and Patch Tuesday shows Windows security is still foiled by fiendish fonts
The Register • Shaun Nichols in San Francisco • 10 Apr 2018

Adobe's Flash also up the spout

Microsoft has released the April edition of its monthly security update, this time addressing a total of 63 CVE-listed vulnerabilities. This month's update includes critical fixes for the usual suspects: Windows, Edge, Internet Explorer, and Office, as well as one flaw Redmond previously fixed with an unscheduled update. You should install these fixes as soon as you can, if your system hasn't already. Just one of this month's patches is for a zero-day flaw; CVE-2018-1034 is an elevation of privi...

They forked this one up: Microsoft modifies open-source code, blows hole in Windows Defender
The Register • Shaun Nichols in San Francisco • 04 Apr 2018

Rar! That's a scary bug

A remote-code execution vulnerability in Windows Defender – a flaw that can be exploited by malicious .rar files to run malware on PCs – has been traced back to an open-source archiving tool Microsoft adopted for its own use. The bug, CVE-2018-0986, was patched on Tuesday in the latest version of the Microsoft Malware Protection Engine (1.1.14700.5) in Windows Defender, Security Essentials, Exchange Server, Forefront Endpoint Protection, and Intune Endpoint Protection. This update should be ...