PT-2017-18409 · Microsoft · Windows Server 2008+6

Published

2017-06-29

Updated

2019-10-03

CVE-2017-8558

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Malware Protection Engine versions (affected versions not specified)

Description The issue is related to the Microsoft Malware Protection Engine, which does not properly scan a specially crafted file, leading to memory corruption. This can occur on various 32-bit versions of Microsoft Windows operating systems, including Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2017-8558

Affected Products

Malware Protection Engine

Windows 10

Windows 7

Windows 8.1

Windows Rt 8.1

Windows Server 2008

Windows Server 2012

PT-2017-18409 · Microsoft · Windows Server 2008+6

CVE-2017-8558

Weakness Enumeration

Related Identifiers

Affected Products

References · 7