CVE-2018-0986
Summary
| CVE | CVE-2018-0986 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-04-04 17:29:00 UTC |
| Updated | 2021-09-09 13:34:00 UTC |
| Description | A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Exchange Server | 2013 | - | All | All |
| Application | Microsoft | Exchange Server | 2016 | - | All | All |
| Application | Microsoft | Exchange Server | 2013 | - | All | All |
| Application | Microsoft | Exchange Server | 2016 | - | All | All |
| Application | Microsoft | Forefront Endpoint Protection 2010 | - | All | All | All |
| Application | Microsoft | Forefront Endpoint Protection 2010 | - | All | All | All |
| Application | Microsoft | Intune Endpoint Protection | - | All | All | All |
| Application | Microsoft | Intune Endpoint Protection | - | All | All | All |
| Application | Microsoft | Security Essentials | - | All | All | All |
| Application | Microsoft | Security Essentials | - | All | All | All |
| Application | Microsoft | System Center 2012 Endpoint Protection | All | All | All | All |
| Application | Microsoft | System Center 2012 Endpoint Protection | All | All | All | All |
| Application | Microsoft | System Center 2012 R2 Endpoint Protection | All | All | All | All |
| Application | Microsoft | System Center 2012 R2 Endpoint Protection | All | All | All | All |
| Application | Microsoft | System Center Endpoint Protection | All | All | All | All |
| Application | Microsoft | System Center Endpoint Protection | 2012 | - | All | All |
| Application | Microsoft | System Center Endpoint Protection | 2012 | r2 | All | All |
| Application | Microsoft | System Center Endpoint Protection | All | All | All | All |
| Operating System | Microsoft | Windows 10 | - | All | All | All |
| Operating System | Microsoft | Windows 10 | 1511 | All | All | All |
| Operating System | Microsoft | Windows 10 | 1607 | All | All | All |
| Operating System | Microsoft | Windows 10 | 1703 | All | All | All |
| Operating System | Microsoft | Windows 10 | 1709 | All | All | All |
| Operating System | Microsoft | Windows 10 | - | All | All | All |
| Operating System | Microsoft | Windows 10 | 1511 | All | All | All |
| Operating System | Microsoft | Windows 10 | 1607 | All | All | All |
| Operating System | Microsoft | Windows 10 | 1703 | All | All | All |
| Operating System | Microsoft | Windows 10 | 1709 | All | All | All |
| Operating System | Microsoft | Windows 7 | - | sp1 | All | All |
| Operating System | Microsoft | Windows 7 | - | sp1 | All | All |
| Operating System | Microsoft | Windows 8.1 | All | All | All | All |
| Operating System | Microsoft | Windows 8.1 | All | All | All | All |
| Application | Microsoft | Windows Defender | - | All | All | All |
| Application | Microsoft | Windows Defender | - | All | All | All |
| Operating System | Microsoft | Windows Rt 8.1 | All | All | All | All |
| Operating System | Microsoft | Windows Rt 8.1 | All | All | All | All |
| Operating System | Microsoft | Windows Server 2008 | r2 | sp1 | All | All |
| Operating System | Microsoft | Windows Server 2008 | r2 | sp1 | All | All |
| Operating System | Microsoft | Windows Server 2012 | All | All | All | All |
| Operating System | Microsoft | Windows Server 2012 | r2 | All | All | All |
| Operating System | Microsoft | Windows Server 2012 | All | All | All | All |
| Operating System | Microsoft | Windows Server 2012 | r2 | All | All | All |
| Operating System | Microsoft | Windows Server 2016 | All | All | All | All |
| Operating System | Microsoft | Windows Server 2016 | 1709 | All | All | All |
| Operating System | Microsoft | Windows Server 2016 | All | All | All | All |
| Operating System | Microsoft | Windows Server 2016 | 1709 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986 | CONFIRM | portal.msrc.microsoft.com | Patch, Vendor Advisory |
| Microsoft Windows Defender File Processing Memory Corruption Error Lets Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Microsoft Windows Defender - 'mpengine.dll' Memory Corruption - Windows dos Exploit | EXPLOIT-DB | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| Microsoft Malware Protection Engine CVE-2018-0986 Remote Code Execution Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.