本頁列出影響 microsoft malware_protection_engine 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2026-50656 | Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available. | [email protected] | 7.8 | 3.39% | 2026-06-16 | 2026-06-17 |
| CVE-2026-45584 | Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network. | [email protected] | 8.1 | 0.85% | 2026-05-20 | 2026-06-17 |
| CVE-2026-41091 KEV | Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 8.37% | 2026-05-20 | 2026-06-17 |
| CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | [email protected] | 6.3 | 0.27% | 2023-07-11 | 2026-06-17 |
| CVE-2023-24860 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 7.5 | 3.05% | 2023-04-11 | 2026-06-17 |
| CVE-2023-23389 | Microsoft Defender Elevation of Privilege Vulnerability | [email protected] | 6.3 | 0.26% | 2023-03-14 | 2026-06-17 |
| CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability | [email protected] | 7.1 | 0.61% | 2022-10-11 | 2026-06-17 |
| CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 5.5 | 2.63% | 2022-04-15 | 2026-06-17 |
| CVE-2021-42298 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 5.48% | 2021-11-09 | 2026-06-17 |
| CVE-2021-34471 | Microsoft Windows Defender Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.44% | 2021-08-12 | 2026-06-16 |
| CVE-2021-34464 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 2.86% | 2021-07-16 | 2026-06-16 |
| CVE-2021-34522 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 2.56% | 2021-07-14 | 2026-06-16 |
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 7.76% | 2021-06-08 | 2026-06-16 |
| CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 5.5 | 1.23% | 2021-06-08 | 2026-06-16 |
| CVE-2017-11940 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". This is different than CVE-2017-11937. | [email protected] | 7.8 | 19.76% | 2017-12-08 | 2026-06-16 |
| CVE-2017-11937 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". | [email protected] | 7.8 | 28.44% | 2017-12-07 | 2026-06-16 |
| CVE-2017-8542 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerabil | [email protected] | 5.5 | 6.02% | 2017-05-26 | 2026-06-16 |
| CVE-2017-8541 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulner | [email protected] | 7.8 | 50.28% | 2017-05-26 | 2026-06-16 |
| CVE-2017-8540 KEV | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulner | [email protected] | 7.8 | 71.96% | 2017-05-26 | 2026-06-16 |
| CVE-2017-8539 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerabil | [email protected] | 5.5 | 6.02% | 2017-05-26 | 2026-06-16 |