CVE-2017-8540

KEV
Published: Mag 26, 2017 Last Modified: Ott 22, 2025
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH 9,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete

Description

AI Translation Available

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka 'Microsoft Malware Protection Engine Remote Code Execution Vulnerability', a different vulnerability than CVE-2017-8538 and CVE-2017-8541.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,8461
Percentile
1,0th
Updated

EPSS Score Trend (Last 90 Days)

787

Out-of-bounds Write

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Other
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Technologies: ICS/OT
Likelihood of Exploit: High
View CWE Details
Exploit

Microsoft MsMpEng - Remote Use-After-Free Due to Design …

Verified

Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine

Author: Google Security Research Published: Status: Verified
View Exploit Code →
Application

System Center Endpoint Protection by Microsoft

Product Information
Vendor Microsoft
Product System Center Endpoint Protection
Version -
cpe:2.3:a:microsoft:system_center_endpoint_protection:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Security Essentials by Microsoft

Product Information
Vendor Microsoft
Product Security Essentials
Version -
cpe:2.3:a:microsoft:security_essentials:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Malware Protection Engine by Microsoft

Product Information
Vendor Microsoft
Product Malware Protection Engine
Version Range Affected
From 1.1.13701.0 (inclusive)
To 1.1.13704.0 (exclusive)
cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Exchange Server by Microsoft

Product Information
Vendor Microsoft
Product Exchange Server
Version 2013
cpe:2.3:a:microsoft:exchange_server:2013:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Windows Defender by Microsoft

Product Information
Vendor Microsoft
Product Windows Defender
Version -
cpe:2.3:a:microsoft:windows_defender:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Exchange Server by Microsoft

Product Information
Vendor Microsoft
Product Exchange Server
Version 2016
cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Endpoint Protection by Microsoft

Product Information
Vendor Microsoft
Product Endpoint Protection
Version -
cpe:2.3:a:microsoft:endpoint_protection:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Forefront Security by Microsoft

Product Information
Vendor Microsoft
Product Forefront Security
Version -
cpe:2.3:a:microsoft:forefront_security:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Forefront Endpoint Protection by Microsoft

Product Information
Vendor Microsoft
Product Forefront Endpoint Protection
Version -
cpe:2.3:a:microsoft:forefront_endpoint_protection:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Intune Endpoint Protection by Microsoft

Product Information
Vendor Microsoft
Product Intune Endpoint Protection
Version -
cpe:2.3:a:microsoft:intune_endpoint_protection:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Forefront Endpoint Protection by Microsoft

Product Information
Vendor Microsoft
Product Forefront Endpoint Protection
Version 2010
cpe:2.3:a:microsoft:forefront_endpoint_protection:2010:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalo…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017…
https://portal.msrc.microsoft.com/en-US/security-guidance/a…
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8540
https://www.exploit-db.com/exploits/42088/
https://www.exploit-db.com/exploits/42088/
http://www.securityfocus.com/bid/98703
http://www.securityfocus.com/bid/98703
http://www.securitytracker.com/id/1038571
http://www.securitytracker.com/id/1038571
https://portal.msrc.microsoft.com/en-US/security-guidance/a…
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8540
https://www.exploit-db.com/exploits/42088/
https://www.exploit-db.com/exploits/42088/
http://www.securityfocus.com/bid/98703
http://www.securityfocus.com/bid/98703
http://www.securitytracker.com/id/1038571
http://www.securitytracker.com/id/1038571