CVE-2018-0986
First published: Wed Apr 04 2018(Updated: )
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Exchange Server | =2013 | |
| Microsoft Exchange Server | =2016 | |
| Microsoft Security Essentials | ||
| Microsoft Forefront Endpoint Protection 2010 | ||
| Microsoft Intune Endpoint Protection | ||
| Microsoft System Center Endpoint Protection | ||
| Microsoft System Center Endpoint Protection | =2012 | |
| Microsoft System Center Endpoint Protection | =2012-r2 | |
| Microsoft Windows Defender | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1511 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1709 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-0986?
CVE-2018-0986 is a remote code execution vulnerability in the Microsoft Malware Protection Engine.
Which software is affected by CVE-2018-0986?
Windows Defender, Microsoft Security Essentials, Microsoft Forefront Endpoint Protection 2010, Microsoft Intune Endpoint Protection, Microsoft System Center Endpoint Protection, Microsoft Exchange Server 2013 and 2016.
What is the severity level of CVE-2018-0986?
CVE-2018-0986 has a severity level of critical (8.8).
How does CVE-2018-0986 work?
CVE-2018-0986 allows remote attackers to execute arbitrary code by exploiting a memory corruption issue in the Microsoft Malware Protection Engine.
Are Windows 10 and Windows 7 vulnerable to CVE-2018-0986?
No, Windows 10 and Windows 7 are not vulnerable to CVE-2018-0986.
- agent/references
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/author
- agent/weakness
- agent/remedy
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft exchange server
- version/microsoft exchange server/2013
- version/microsoft exchange server/2016
- canonical/microsoft security essentials
- canonical/microsoft forefront endpoint protection 2010
- canonical/microsoft intune endpoint protection
- canonical/microsoft system center endpoint protection
- version/microsoft system center endpoint protection/2012
- version/microsoft system center endpoint protection/2012-r2
- canonical/microsoft windows defender
- canonical/microsoft windows 10
- version/microsoft windows 10/1511
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/r2-sp1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1709