Critical vulnerability in Microsoft Malware Protection Engine

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights.

Vulnerability CVE-2018-0986 affects Microsoft Exchange Server 2013 and 2016, Microsoft Forefront Endpoint Protection 2010, Microsoft Security Essentials, Windows Defender, Windows Intune Endpoint Protection.