<< Back
CVE Number Vulnerability Product Severity Date
CVE-2021-42298 Microsoft Defender Remote Code Execution Vulnerability Microsoft Malware Protection Engine Critical 10-12-2021

Technical Information

Brief overview of the risk:

A remote code execution vulnerability in microsoft defender which can be exploited when users open specially crafted files or scan the specially crafted file. Microsoft has flagged this ‘Exploitation More Likely’. No user or admin intervention is required to apply the patch as the product is auto-updated. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host machine in the context of the logged on user.

Further information on this vulnerability is available at : CVE-2021-42298

Affected Software

Microsoft Malware Protection Engine