High severity7.8NVD Advisory· Published May 9, 2017· Updated Jun 17, 2026
CVE-2017-0290
CVE-2017-0290
Description
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- cpe:2.3:a:microsoft:forefront_security:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:malware_protection_engine:*:*:*:*:*:*:*:*range: <=1.1.13701.0
- (no CPE)
- cpe:2.3:a:microsoft:windows_defender:-:*:*:*:*:*:*:*
- Microsoft Corporation/Microsoft Malware Protection Enginev5Range: Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
Patches
Vulnerability mechanics
References
10- technet.microsoft.com/library/security/4022344nvdPatchVendor Advisory
- bugs.chromium.org/p/project-zero/issues/detailnvdExploitThird Party Advisory
- twitter.com/natashenka/status/861748397409058816nvdExploitThird Party Advisory
- www.securityfocus.com/bid/98330nvdThird Party AdvisoryVDB Entry
- arstechnica.com/information-technology/2017/05/windows-defender-nscript-remote-vulnerability/nvdPress/Media CoverageThird Party Advisory
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0290nvdVendor Advisory
- www.securitytracker.com/id/1038419nvd
- www.securitytracker.com/id/1038420nvd
- 0patch.blogspot.si/2017/05/0patching-worst-windows-remote-code.htmlnvd
- www.exploit-db.com/exploits/41975/nvd
News mentions
0No linked articles in our index yet.