Windows defender
This hub aggregates every CVE we track for Windows defender, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
31
CVEs tracked
1
Critical
21
High
2
In CISA KEV
Severity distribution
HIGH21MEDIUM9CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Windows defender.
- CVE-2024-20671Microsoft Defender Security Feature Bypass Vulnerability5.5
- CVE-2023-36422Microsoft Windows Defender Elevation of Privilege Vulnerability7.8
- CVE-2023-38175Microsoft Windows Defender Elevation of Privilege Vulnerability7.8
- CVE-2021-34522Microsoft Defender Remote Code Execution Vulnerability7.8
- CVE-2021-24092Microsoft Defender Elevation of Privilege Vulnerability7.8
- CVE-2021-1647Microsoft Defender Remote Code Execution VulnerabilityKEV7.8
- CVE-2020-1461An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on t...7.1
- CVE-2020-1163An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the syste...7.8
- CVE-2020-1170An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the syste...7.8
- CVE-2020-1002An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on t...7.1
- CVE-2020-0835An elevation of privilege vulnerability exists when Windows Defender antimalware platform improperly handles hard links, aka 'Windows Defender Antimalware Platform Hard Link Elevation of Privilege ...7.8
- CVE-2019-1255A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.7.5
- CVE-2019-1161Microsoft Defender Elevation of Privilege Vulnerability7.1
- CVE-2018-0986A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Prote...8.8
- CVE-2017-11937The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows ...7.8
Product normalization is registry-driven with AI assist and human review. How it works