The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Forefront Security for Exchange Server

computer vulnerability CVE-2017-0290

Microsoft Malware Protection Engine: code execution

Synthesis of the vulnerability

An attacker can send a malicious document or invite the victim to read a malicious document, in order to run code during the analysis by Microsoft Malware Protection Engine.
Impacted products: Forefront Endpoint Protection, Forefront Security for Exchange Server, System Center Endpoint Protection, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: document.
Creation date: 09/05/2017.
Revision date: 09/05/2017.
Identifiers: 1252, 4022344, CERTFR-2017-ALE-009, CERTFR-2017-AVI-151, CVE-2017-0290, VIGILANCE-VUL-22655.

Description of the vulnerability

The Microsoft Malware Protection Engine product analyzes files, searching for malware. It is used in several Microsoft security products (Windows Defender, Microsoft Security Essentials, etc.).

However, when the engine analyzes a malicious file, code can be run in mpengine.dll with LocalSystem privileges.

An attacker can therefore send a malicious document or invite the victim to read a malicious document, in order to run code during the analysis by Microsoft Malware Protection Engine.

computer vulnerability bulletin CVE-2014-2779

Microsoft Malware Protection Engine: denial of service

Synthesis of the vulnerability

An attacker can send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.
Impacted products: Forefront Security for Exchange Server, Forefront Threat Management Gateway, Forefront Unified Access Gateway, SCCM, SCOM, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: document.
Creation date: 18/06/2014.
Identifiers: 2974294, CVE-2014-2779, VIGILANCE-VUL-14908.

Description of the vulnerability

The Microsoft Malware Protection Engine analyzes files searching for malware.

However, analyzing a malicious file locks up this engine.

An attacker can therefore send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.

vulnerability alert CVE-2014-0294

Microsoft Forefront Protection 2010 for Exchange: code execution

Synthesis of the vulnerability

An attacker can send a malicious email to Microsoft Forefront Protection 2010 for Exchange, in order to execute code.
Impacted products: Exchange, Forefront Security for Exchange Server.
Severity: 4/4.
Consequences: privileged access/rights, user access/rights.
Provenance: document.
Creation date: 11/02/2014.
Identifiers: 2927022, BID-65397, CERTFR-2014-AVI-063, CVE-2014-0294, MS14-008, VIGILANCE-VUL-14221.

Description of the vulnerability

The Microsoft Forefront Protection 2010 for Exchange product analyzes emails, in order to detect malware.

However, a malformed email forces Forefront Protection to execute code.

An attacker can therefore send a malicious email to Microsoft Forefront Protection 2010 for Exchange, in order to execute code.