Apr 2018:
CVE-2018-0986 Published on April 4, 2018

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

NVD

Products Associated with CVE-2018-0986

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Exchange Server

Microsoft Forefront Endpoint Protection 2010

Microsoft Intune Endpoint Protection

Microsoft Security Essentials

Microsoft System Center 2012 Endpoint Protection

Microsoft System Center 2012 R2 Endpoint Protection

Microsoft System Center Endpoint Protection

Microsoft Windows Defender

Microsoft Windows

Affected Versions

Microsoft Windows Defender:

Version Windows 10 for 32-bit Systems is affected.
Version Windows 10 for x64-based Systems is affected.
Version Windows 10 Version 1511 for 32-bit Systems is affected.
Version Windows 10 Version 1511 for x64-based Systems is affected.
Version Windows 10 Version 1607 for 32-bit Systems is affected.
Version Windows 10 Version 1607 for x64-based Systems is affected.
Version Windows 10 Version 1703 for 32-bit Systems is affected.
Version Windows 10 Version 1703 for x64-based Systems is affected.
Version Windows 10 Version 1709 for 32-bit Systems is affected.
Version Windows 10 Version 1709 for x64-based Systems is affected.
Version Windows 7 for 32-bit Systems Service Pack 1 is affected.
Version Windows 7 for x64-based Systems Service Pack 1 is affected.
Version Windows 8.1 for 32-bit systems is affected.
Version Windows 8.1 for x64-based systems is affected.
Version Windows RT 8.1 is affected.
Version Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 is affected.
Version Windows Server 2008 R2 for x64-based Systems Service Pack 1 is affected.
Version Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) is affected.
Version Windows Server 2012 is affected.
Version Windows Server 2012 (Server Core installation) is affected.
Version Windows Server 2012 R2 is affected.
Version Windows Server 2012 R2 (Server Core installation) is affected.
Version Windows Server 2016 is affected.
Version Windows Server 2016 (Server Core installation) is affected.
Version Windows Server, version 1709 (Server Core Installation) is affected.

Microsoft Windows Intune Endpoint Protection:

Version Windows Intune Endpoint Protection is affected.

Microsoft Security Essentials:

Version Microsoft Security Essentials is affected.

Microsoft System Center Endpoint Protection:

Version Microsoft System Center Endpoint Protection is affected.

Microsoft Exchange Server:

Version 2013 is affected.
Version 2016 is affected.

Microsoft System Center:

Version 2012 Endpoint Protection is affected.
Version 2012 R2 Endpoint Protection is affected.

Microsoft Forefront Endpoint Protection:

Version 2010 is affected.

Exploit Probability

EPSS

75.37%

Percentile

98.86%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Apr 2018: CVE-2018-0986 Published on April 4, 2018

Products Associated with CVE-2018-0986

Affected Versions

Exploit Probability

Apr 2018:
CVE-2018-0986 Published on April 4, 2018