Please see output. Windows version used is Server 2016 x64 (Please note again we’ve removed the file indicated from both possible origins (WinSxS and Defender folder)
This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 12/06/2017
Vulnerability Detection Result
Installed version: 1.1.14306.0 Fixed version: 1.1.14405.2
Successful exploitation will allow an attacker who successfully exploited this vulnerability to execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then:
view, change, or delete data
create new accounts with full user rights.
Solution type: VendorFix
Run the Windows Update to update the malware protection engine to the latest version available. Typically, no action is required as the built-in mechanism for the automatic detection and deployment of updates will apply the update itself.
Windows Defender on
Microsoft Windows 8.1
Microsoft Windows 7 SP1
Microsoft Windows 10 x32/x64
Microsoft Windows Server 2016 x64
Microsoft Windows 10 Version 1511 x32/x64
Microsoft Windows 10 Version 1607 x32/x64
Microsoft Windows 10 Version 1703 x32/x64
Microsoft Windows 10 Version 1709 x32/x64
Multiple flaws exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption.
Vulnerability Detection Method
Checks if a vulnerable version is present on the target host.
Details: Microsoft Malware Protection Engine on Windows Defender Multiple Remote Code Ex… (OID: 126.96.36.199.4.1.256188.8.131.522238)
Version used: 2019-05-03T12:31:27+0000