<< Back
CVE Number Vulnerability Product Severity Date
MS07-010 Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135) Windows Live Critical 14-02-2007

Technical Information

Brief overview of the risk:
A remote code execution vulnerability exists in the Microsoft Malware Protection Engine because of the way that it parses Portable Document Format (PDF) files. An attacker could exploit the vulnerability by constructing a specially crafted PDF File that could potentially allow remote code execution when the target computer system receives, and the Microsoft Malware Protection Engine scans, the PDF file.
Detailed Information on the risk:
This bulletin covers a code execution vulnerability in Microsoft’s core Anti-Virus engine. Products affected include OneCare, Antigen, Forefront Security, and Windows Defender, including Windows Defender for Vista.Further information on this exploit is available at : MS07-010

Affected Software

Windows Live OneCare
Microsoft Antigen for Exchange 9.x
Microsoft Antigen for SMTP Gateway 9.x
Microsoft Windows Defender
Microsoft Windows Defender x64 Edition
Microsoft Windows Defender in Windows Vista
Microsoft Forefront Security for Exchange Server
Microsoft Forefront Security for SharePoint