 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.811067 |
| Category: | Windows |
| Title: | Microsoft Malware Protection Engine on Windows Defender Multiple Vulnerabilities |
| Summary: | This host is missing an important security; update according to Microsoft Security Updates released for Microsoft Malware; Protection Engine dated 05-25-2017 |
| Description: | Summary: This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 05-25-2017 Vulnerability Insight: Multiple flaws are due to: - Multiple errors when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. - Multiple errors when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code in the security context of the LocalSystem account and take control of the system. Also an attacker can lead to denial of service preventing the Microsoft Malware Protection Engine from monitoring affected systems until the service is restarted. Affected Software/OS: - Microsoft Windows 8.1 - Microsoft Windows 7 SP1 - Microsoft Windows 10 x32/x64 - Microsoft Windows Server 2012 - Microsoft Windows Server 2012 R2 - Microsoft Windows Server 2016 x64 - Microsoft Windows Server 2008 SP2 - Microsoft Windows Server 2008 R2 SP1 - Microsoft Windows 10 Version 1511 x32/x64 - Microsoft Windows 10 Version 1607 x32/x64 - Microsoft Windows 10 Version 1703 x32/x64 Solution: Run the Windows Update to update the malware protection engine to the latest version available. Typically, no action is required as the built-in mechanism for the automatic detection and deployment of updates will apply the update itself. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-8535 BugTraq ID: 98702 http://www.securityfocus.com/bid/98702 https://www.exploit-db.com/exploits/42081/ http://www.securitytracker.com/id/1038571 Common Vulnerability Exposure (CVE) ID: CVE-2017-8536 BugTraq ID: 98708 http://www.securityfocus.com/bid/98708 Common Vulnerability Exposure (CVE) ID: CVE-2017-8537 BugTraq ID: 98705 http://www.securityfocus.com/bid/98705 Common Vulnerability Exposure (CVE) ID: CVE-2017-8538 BugTraq ID: 98706 http://www.securityfocus.com/bid/98706 Common Vulnerability Exposure (CVE) ID: CVE-2017-8539 BugTraq ID: 98704 http://www.securityfocus.com/bid/98704 Common Vulnerability Exposure (CVE) ID: CVE-2017-8540 BugTraq ID: 98703 http://www.securityfocus.com/bid/98703 https://www.exploit-db.com/exploits/42088/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8541 BugTraq ID: 98710 http://www.securityfocus.com/bid/98710 https://www.exploit-db.com/exploits/42092/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8542 BugTraq ID: 98707 http://www.securityfocus.com/bid/98707 |
| Copyright | Copyright (C) 2017 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |