CVE-2017-11940: Buffer Overflow
First published: Fri Dec 08 2017(Updated: )
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". This is different than CVE-2017-11937.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Malware Protection Engine | <=1.1.14306.0 | |
| Microsoft Exchange Server | =2013 | |
| Microsoft Exchange Server | =2016 | |
| Microsoft Forefront Endpoint Protection 2010 | ||
| Microsoft Windows Defender | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1511 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1709 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-11940?
CVE-2017-11940 is a vulnerability in the Microsoft Malware Protection Engine.
Which Microsoft products are affected by CVE-2017-11940?
Microsoft Forefront, Microsoft Defender, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709, Windows Server 2016, Microsoft Exchange Server 2013 and 2016 are affected by CVE-2017-11940.
What is the severity of CVE-2017-11940?
The severity of CVE-2017-11940 is critical with a CVSS score of 7.8.
How can I fix CVE-2017-11940?
To fix CVE-2017-11940, make sure you have installed the latest updates from Microsoft.
Where can I find more information about CVE-2017-11940?
You can find more information about CVE-2017-11940 on the following websites: [1] http://www.securityfocus.com/bid/102104 [2] http://www.securitytracker.com/id/1039972 [3] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11940
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/weakness
- agent/author
- agent/remedy
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft malware protection engine
- version/microsoft malware protection engine/1.1.14306.0
- canonical/microsoft exchange server
- version/microsoft exchange server/2013
- version/microsoft exchange server/2016
- canonical/microsoft forefront endpoint protection 2010
- canonical/microsoft windows defender
- canonical/microsoft windows 10
- version/microsoft windows 10/1511
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1709