QID 91836

Date Published: 2021-11-10

QID 91836: Microsoft Windows Defender Remote Code Execution (RCE) Vulnerability - November 2021

Microsoft Defender is prone to Remote Code Execution (RCE) Vulnerability.

Affected Software:
Windows Defender

QID Detection Logic (Authenticated):
Detection checks for mpengine.dll file version less than 1.1.18700.3

Successful exploitation allows attacker to compromise the system.

  • CVSS V3 rated as High - 7.8 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Users are advised to check CVE-2021-42298 for more information.

    CVEs related to QID 91836

    Software Advisories
    Advisory ID Software Component Link
    CVE-2021-42298 URL Logo msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42298