CVE-2018-0986
Description
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka Microsoft Malware Protection Engine Remote Code Execution Vulnerability. This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
75.368
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-0986 are fixed in Microsoft Defender (1.1.14700.5) (x64) | Windows |
| Vulnerabilities CVE-2018-0986 are fixed in Microsoft Defender (1.1.14700.5) (x86) | Windows |
| Vulnerabilities CVE-2018-0986 are fixed in Windows Defender (1.1.14700.5) (x86) | Windows |
| Vulnerabilities CVE-2018-0986 are fixed in Windows Defender (1.1.14700.5) (x64) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-400009 | The latest update for Microsoft Defender (1.449.337.0) |
| PATCH-400008 | The latest update for Microsoft Defender (1.449.337.0) |
| PATCH-400006 | The latest update for Windows Defender (1.449.337.0) |
| PATCH-400007 | The latest update for Windows Defender (1.449.337.0) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234