SB2017053002 - Multiple vulnerabilities in Microsoft Malware Protection Engine
Published: May 30, 2017
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 secuirty vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2017-8535)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application and trigger a scan timeout.
Successful exploitation of the vulnerability may allow an attacker to disable anti-malware protection on the system until the affected service is restarted.
2) Improper input validation (CVE-ID: CVE-2017-8536)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application and trigger a scan timeout.
Successful exploitation of the vulnerability may allow an attacker to disable anti-malware protection on the system until the affected service is restarted.
3) Improper input validation (CVE-ID: CVE-2017-8537)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application and trigger a scan timeout.
Successful exploitation of the vulnerability may allow an attacker to disable anti-malware protection on the system until the affected service is restarted.
4) Memory corruption (CVE-ID: CVE-2017-8538)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.5) Improper input validation (CVE-ID: CVE-2017-8539)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application and trigger a scan timeout.
Successful exploitation of the vulnerability may allow an attacker to disable anti-malware protection on the system until the affected service is restarted.
6) Memory corruption (CVE-ID: CVE-2017-8540)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.7) Memory corruption (CVE-ID: CVE-2017-8541)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.8) Improper input validation (CVE-ID: CVE-2017-8542)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing specially crafted files within Microsoft Malware Protection Engine (mpengine.dll). A remote attacker can create a specially crafted file, pass it to the affected application and trigger a scan timeout.
Successful exploitation of the vulnerability may allow an attacker to disable anti-malware protection on the system until the affected service is restarted.
Remediation
Install update from vendor's website.
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8535
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8536
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8537
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8538
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8539
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8540
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8541
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8542