Risk | High |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2017-8558 |
CWE-ID | CWE-119 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software |
Microsoft Security Essentials Client/Desktop applications / Antivirus software/Personal firewalls Microsoft Endpoint Protection Client/Desktop applications / Antivirus software/Personal firewalls Windows Defender Client/Desktop applications / Antivirus software/Personal firewalls |
Vendor | Microsoft |
Security Bulletin
This security bulletin contains one high risk vulnerability.
EUVDB-ID: #VU7192
Risk: High
CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-8558
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when scanning malicious files by the Microsoft Malware Protection Engine. A remote attacker can send a specially crafted file, trick the victim into opening it and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Microsoft Security Essentials: All versions
Microsoft Endpoint Protection: 2010
Microsoft Endpoint Protection: All versions
Windows Defender: on Windows 7 for 32-bit Systems Service Pack 1 - for Windows 10, Windows 10 1511, Windows 10 1607, Windows Server 2016, Windows 10 1703
CPE2.3http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8558
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.