CVE-2017-0290

Name of the Vulnerable Software and Affected Versions: Microsoft Forefront and Microsoft Defender versions on Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016

Description: The issue is related to the Microsoft Malware Protection Engine not properly scanning a specially crafted file, leading to memory corruption. This can allow an attacker to execute arbitrary code using a specially crafted file.

Recommendations: For Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, update the Microsoft Malware Protection Engine to a version that properly scans files and prevents memory corruption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.