Microsoft Malware_protection_engine
12 CVEs affecting Microsoft Malware_protection_engine. Latest disclosed: 2026-05-20. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-45584 | High | 8.1 | 2026-05-20 | Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network. |
CVE-2026-41091 | High | 7.8 | 2026-05-20 | Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally. |
CVE-2017-11940 | High | 7.8 | 2017-12-08 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1… |
CVE-2017-11937 | High | 7.8 | 2017-12-07 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1… |
CVE-2017-8541 | High | 7.8 | 2017-05-26 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… |
CVE-2017-8538 | High | 7.8 | 2017-05-26 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… |
CVE-2017-0290 | High | 7.8 | 2017-05-09 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… |
CVE-2017-8542 | Medium | 5.5 | 2017-05-26 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… |
CVE-2017-8539 | Medium | 5.5 | 2017-05-26 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, W… |
CVE-2014-2779 | | 2014-06-18 | mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service (system hang) via a crafted file. | |
CVE-2013-1346 | | 2013-05-15 | mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of s… | |
CVE-2011-0037 | | 2011-02-25 | Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Fore… |