Microsoft Windows Defender
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows Defender.
Recent Microsoft Windows Defender Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2025-62468 | CVE-2025-62468 Windows Defender Firewall Service Information Disclosure Vulnerability | December 9, 2025 |
| CVE-2025-54915 | CVE-2025-54915 Windows Defender Firewall Service Elevation of Privilege Vulnerability | September 9, 2025 |
| CVE-2025-54109 | CVE-2025-54109 Windows Defender Firewall Service Elevation of Privilege Vulnerability | September 9, 2025 |
| CVE-2025-54104 | CVE-2025-54104 Windows Defender Firewall Service Elevation of Privilege Vulnerability | September 9, 2025 |
| CVE-2025-54094 | CVE-2025-54094 Windows Defender Firewall Service Elevation of Privilege Vulnerability | September 9, 2025 |
| CVE-2025-53810 | CVE-2025-53810 Windows Defender Firewall Service Elevation of Privilege Vulnerability | September 9, 2025 |
| CVE-2025-53808 | CVE-2025-53808 Windows Defender Firewall Service Elevation of Privilege Vulnerability | September 9, 2025 |
| CVE-2025-26678 | CVE-2025-26678 Windows Defender Application Control Security Feature Bypass Vulnerability | April 8, 2025 |
| CVE-2024-49071 | CVE-2024-49071 Windows Defender Information Disclosure Vulnerability | December 12, 2024 |
| CVE-2024-43645 | CVE-2024-43645 Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability | November 12, 2024 |
By the Year
In 2026 there have been 0 vulnerabilities in Microsoft Windows Defender. Windows Defender did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 6.50 |
| 2023 | 4 | 7.23 |
| 2022 | 2 | 7.10 |
| 2021 | 1 | 7.80 |
| 2020 | 1 | 7.80 |
| 2019 | 1 | 0.00 |
| 2018 | 1 | 0.00 |
It may take a day or so for new Windows Defender vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Defender Security Vulnerabilities
Windows Defender: Improper Authorization in Global Files Search Index
CVE-2024-49071
6.5 - Medium
- December 12, 2024
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.
Improper Authorization of Index Containing Sensitive Information
Nov 2023: Microsoft Windows Defender Elevation of Privilege Vulnerability
CVE-2023-36422
7.8 - High
- November 14, 2023
Microsoft Windows Defender Elevation of Privilege Vulnerability
Untrusted Path
Windows Defender EoP via Improper Resource Access
CVE-2023-38175
7.8 - High
- August 08, 2023
Microsoft Windows Defender Elevation of Privilege Vulnerability
Microsoft Defender Elevation of Privilege Vulnerability
CVE-2023-33156
7 - High
- July 11, 2023
Microsoft Defender Elevation of Privilege Vulnerability
Microsoft Defender Privilege Escalation Vulnerability
CVE-2023-23389
6.3 - Medium
- March 14, 2023
Microsoft Defender Elevation of Privilege Vulnerability
Windows Defender EoP via Privilege Escalation (CVE-2022-37971)
CVE-2022-37971
7.1 - High
- October 11, 2022
Microsoft Windows Defender Elevation of Privilege Vulnerability
Windows Defender Credential Guard Feature Bypass Vulnerability
CVE-2022-35822
7.1 - High
- August 15, 2022
Windows Defender Credential Guard Security Feature Bypass Vulnerability
Jan 2021: Microsoft Defender Remote Code Execution Vulnerability
CVE-2021-1647
7.8 - High
- January 12, 2021
Microsoft Defender Remote Code Execution Vulnerability
An elevation of privilege vulnerability exists when Windows Defender antimalware platform improperly handles hard links
CVE-2020-0835
7.8 - High
- April 15, 2020
An elevation of privilege vulnerability exists when Windows Defender antimalware platform improperly handles hard links, aka 'Windows Defender Antimalware Platform Hard Link Elevation of Privilege Vulnerability'.
Improper Privilege Management
Aug 2019: Microsoft Defender Elevation of Privilege Vulnerability
CVE-2019-1161
- August 14, 2019
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. The update addresses the vulnerability and blocks the arbitrary deletion.
Apr 2018:
CVE-2018-0986
- April 04, 2018
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly s
CVE-2017-8540
7.8 - High
- May 26, 2017
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8541.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Defender or by Microsoft? Click the Watch button to subscribe.
