本页列出影响 microsoft malware_protection_engine 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-50656 | Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available. | [email protected] | 7.8 | 3.39% | 2026-06-16 | 2026-06-17 |
| CVE-2026-45584 | Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network. | [email protected] | 8.1 | 0.85% | 2026-05-20 | 2026-06-17 |
| CVE-2026-41091 KEV | Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 8.37% | 2026-05-20 | 2026-06-17 |
| CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | [email protected] | 6.3 | 0.27% | 2023-07-11 | 2026-06-17 |
| CVE-2023-24860 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 7.5 | 3.05% | 2023-04-11 | 2026-06-17 |
| CVE-2023-23389 | Microsoft Defender Elevation of Privilege Vulnerability | [email protected] | 6.3 | 0.26% | 2023-03-14 | 2026-06-17 |
| CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability | [email protected] | 7.1 | 0.61% | 2022-10-11 | 2026-06-17 |
| CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 5.5 | 2.63% | 2022-04-15 | 2026-06-17 |
| CVE-2021-42298 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 5.48% | 2021-11-09 | 2026-06-17 |
| CVE-2021-34471 | Microsoft Windows Defender Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.44% | 2021-08-12 | 2026-06-16 |
| CVE-2021-34464 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 2.86% | 2021-07-16 | 2026-06-16 |
| CVE-2021-34522 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 2.56% | 2021-07-14 | 2026-06-16 |
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 7.76% | 2021-06-08 | 2026-06-16 |
| CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 5.5 | 1.23% | 2021-06-08 | 2026-06-16 |
| CVE-2017-11940 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". This is different than CVE-2017-11937. | [email protected] | 7.8 | 19.76% | 2017-12-08 | 2026-06-16 |
| CVE-2017-11937 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". | [email protected] | 7.8 | 28.44% | 2017-12-07 | 2026-06-16 |
| CVE-2017-8542 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerabil | [email protected] | 5.5 | 6.02% | 2017-05-26 | 2026-06-16 |
| CVE-2017-8541 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulner | [email protected] | 7.8 | 50.28% | 2017-05-26 | 2026-06-16 |
| CVE-2017-8540 KEV | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulner | [email protected] | 7.8 | 71.96% | 2017-05-26 | 2026-06-16 |
| CVE-2017-8539 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerabil | [email protected] | 5.5 | 6.02% | 2017-05-26 | 2026-06-16 |