CVE-2017-11937: Buffer Overflow
First published: Thu Dec 07 2017(Updated: )
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Malware Protection Engine | <=1.1.14306.0 | |
| Microsoft Exchange Server | =2013 | |
| Microsoft Exchange Server | =2016 | |
| Microsoft Forefront Endpoint Protection 2010 | ||
| Microsoft Windows Defender | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1511 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1709 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-11937?
The severity of CVE-2017-11937 is critical with a CVSS score of 7.8.
Which software is affected by CVE-2017-11937?
The Microsoft Malware Protection Engine running on Microsoft Forefront, Microsoft Defender, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 (Gold, 1511, 1607, 1703, 1709), Windows Server 2016, Microsoft Exchange Server 2013, and Microsoft Exchange Server 2016 are affected by CVE-2017-11937.
How can I fix CVE-2017-11937?
To fix CVE-2017-11937, update the Microsoft Malware Protection Engine to version 1.1.14306.0 or later.
Are Microsoft Exchange Server 2013 and 2016 vulnerable to CVE-2017-11937?
No, Microsoft Exchange Server 2013 and 2016 are not vulnerable to CVE-2017-11937.
Where can I find more information about CVE-2017-11937?
You can find more information about CVE-2017-11937 on the following websites: [securityfocus.com](http://www.securityfocus.com/bid/102070), [securitytracker.com](http://www.securitytracker.com/id/1039972), [Microsoft Security Guidande](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937).
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft malware protection engine
- version/microsoft malware protection engine/1.1.14306.0
- canonical/microsoft exchange server
- version/microsoft exchange server/2013
- version/microsoft exchange server/2016
- canonical/microsoft forefront endpoint protection 2010
- canonical/microsoft windows defender
- canonical/microsoft windows 10
- version/microsoft windows 10/1511
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1709