CyberSec.Space Logo
Back to CVE Browser

CVE-2017-8540

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score54.9720%
EPSS Percentile85.09th
PublishedMay 26, 2017
Last ModifiedApr 22, 2026

Vulnerability Description

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8541.

Affected Platforms (CPE)

πŸ“¦
Microsoft

Malware Protection Engine

>= 1.1.13701.0 and < 1.1.13704.0
πŸ“¦
Microsoft

Endpoint Protection

All versions
πŸ“¦
Microsoft

Exchange Server

= 2013
πŸ“¦
Microsoft

Exchange Server

= 2016
πŸ“¦
Microsoft

Forefront Endpoint Protection

All versions
πŸ“¦
Microsoft

Forefront Endpoint Protection

= 2010
πŸ“¦
Microsoft

Forefront Security

All versions
πŸ“¦
Microsoft

Intune Endpoint Protection

All versions
πŸ“¦
Microsoft

Security Essentials

All versions
πŸ“¦
Microsoft

System Center Endpoint Protection

All versions
πŸ“¦
Microsoft

Windows Defender

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/98703
πŸ”— http://www.securitytracker.com/id/1038571
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8540
πŸ”— https://www.exploit-db.com/exploits/42088/
πŸ”— http://www.securityfocus.com/bid/98703
πŸ”— http://www.securitytracker.com/id/1038571
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8540
πŸ”— https://www.exploit-db.com/exploits/42088/

Related Vulnerabilities

CVE-2006-52709.3

Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, an...

CVE-2013-13469.3

mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrar...

CVE-2018-09868.8

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially craft...

CVE-2016-63688.6

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System S...