Number: AV17-186
Date: 07 December 2017
Purpose
The purpose of this advisory is to bring attention to a Microsoft security update for Malware Protection Engine.
Assessment
CCIRC is aware of a critical vulnerability in the Microsoft Malware Protection Engine. Exploitation of this vulnerability may allow for remote code execution with elevated privileges and/or create denial of service conditions.
Affected Versions: Microsoft Malware Protection Engine version prior to 1.1.14405.2
CVE reference: CVE-2017-11937
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References: