Number: AV18-056
Date: 4 April 2018
Purpose
The purpose of this advisory is to bring attention to a recently released Microsoft Security Update which addresses failure to properly scan a specially crafted file, leading to memory corruption and remote code execution in the Microsoft Malware Protection Engine.
Assessment
This advisory addresses the vulnerability by correcting how the Microsoft Malware Protection Engine scans specially crafted files.
Affected Products:
- Microsoft Exchange Server 2013 and 2016
- Microsoft Forefront Endpoint Protection 2010
- Microsoft Security Essentials
- Windows Defender
- Windows Intune Endpoint Protection
CVE References: CVE-2018-0986
Suggested action
No action is required as the Microsoft Malware Protection Engine as a built-in and automatic updates feature. Update should be applied within forty-eight (48) hours of release by vendor.
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986