Introduction
A heap-based buffer overflow in the Microsoft Malware Protection Engine now gives remote attackers a path to code execution on virtually every Windows system running Microsoft Defender. Because Defender ships enabled by default across all supported versions of Windows, CVE-2026-45584 represents a vulnerability with an unusually broad blast radius, touching enterprise endpoints, servers, and consumer machines alike.
Technical Information
Root Cause
The vulnerability resides in mpengine.dll, the core scanning, detection, and cleaning library shared across Microsoft Defender, System Center Endpoint Protection, and Microsoft Security Essentials. It is classified as CWE-122 (Heap-based Buffer Overflow), meaning the flaw involves writing data beyond the bounds of a heap-allocated buffer during file scanning operations within the engine.
CVSS Metrics
The full CVSS 3.1 vector string is:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
| Metric | Value | Description |
|---|---|---|
| Attack Vector (AV) | Network | Exploitable remotely over the network |
| Attack Complexity (AC) | High | Requires enticing a user to trigger a scan on a quarantined malicious file |
| Privileges Required (PR) | None | No prior authentication or privileges needed |
| User Interaction (UI) | None | Scored as None at the base metric level, though complexity notes user actions are required to prepare the environment |
| Confidentiality (C) | High | Total loss of information confidentiality |
| Integrity (I) | High | Total compromise of system integrity |
| Availability (A) | High | Total loss of resource availability |
The base score of 8.1 reflects the tension between the severe impact (High across all three CIA dimensions) and the elevated attack complexity.
Attack Flow
Based on the MSRC advisory, the exploitation sequence proceeds as follows:
-
Delivery: The attacker delivers a specially crafted malicious file to the target system over the network. This could arrive via email, a web download, a file share, or any other network delivery mechanism that places a file on the target.
-
Quarantine: Microsoft Defender detects the file as suspicious and quarantines it. At this stage, the vulnerability has not yet been triggered.
-
User Interaction: The attacker must entice the local user into performing multiple actions that cause Defender to re-scan the quarantined file. The specific user actions required are not detailed in the advisory, but this step is what drives the High attack complexity rating.
-
Trigger: When the Malware Protection Engine (
mpengine.dll) processes the crafted file from quarantine, the heap-based buffer overflow is triggered. The overflow corrupts heap memory in a way that allows the attacker to redirect execution flow. -
Code Execution: The attacker achieves arbitrary code execution in the context of the engine process, with full impact on confidentiality, integrity, and availability of the host system.
The fact that exploitation requires the file to first be quarantined and then re-scanned through user interaction is a meaningful barrier. However, social engineering techniques and targeted phishing campaigns can reliably overcome this hurdle in practice, particularly in enterprise environments.
Patch Information
Microsoft released an official fix on May 19, 2026, delivered through the standard Microsoft Malware Protection Engine update pipeline. The MSRC advisory specifies exact versioning boundaries:
| Component | Vulnerable Version | Fixed Version |
|---|---|---|
| Microsoft Malware Protection Engine | 1.1.26030.3008 and prior | 1.1.26040.8 |
The Remediation Level in the CVSS temporal metrics is set to Official Fix (RL:O), confirming this is a complete vendor solution rather than a workaround or interim hotfix.
Automatic Updates
In most environments, no manual action is required. Microsoft Defender is configured by default to automatically pull engine and security intelligence updates multiple times per day. The engine update ships bundled with security intelligence updates under:
- KB2267602 (for Microsoft Defender)
- KB2461484 (for System Center Endpoint Protection)
Environments with functioning automatic updates would have received the patched engine version shortly after release.
Manual and Enterprise Distribution
For enterprise environments where automatic updates are gated or delayed, administrators can distribute the patched engine through WSUS, Microsoft Configuration Manager (SCCM/MECM), Intune, or a UNC file share. A manual update can also be forced on individual hosts:
MpCmdRun.exe -SignatureUpdate
This forces a signature and engine pull, bringing the engine to version 1.1.26040.8 or later.
Verification
To confirm your engine version, administrators can check the "Engine Version" field in the Windows Security app under Virus & threat protection > Protection updates, or query through PowerShell:
Get-MpComputerStatus | Select-Object AMEngineVersion
A Note on False Positives from Scanners
Systems where Microsoft Defender is disabled may still appear vulnerable in third-party vulnerability scanner reports. This happens because scanners detect the mpengine.dll binary on disk and flag its version number. Microsoft clarifies that disabled Defender installations are not in an exploitable state, since exploitation requires Defender to actively scan a specially crafted malicious file from quarantine.
Affected Systems and Versions
The vulnerability affects all systems running the Microsoft Malware Protection Engine at version 1.1.26030.3008 or earlier. Specific affected products and platforms include:
- Windows 11 (versions 24H2, 25H2, 26H1 for x64)
- Windows Server 2025
- Microsoft System Center Endpoint Protection
- Microsoft Security Essentials
Any product or platform that relies on mpengine.dll for scanning is within the scope of this vulnerability.
Vendor Security History
Microsoft has been recognized as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms for six consecutive years as of 2025. Microsoft Defender XDR achieved 100% protection coverage in MITRE Engenuity ATT&CK evaluations, and the company holds Leader positions in four Forrester Wave categories. Despite this strong industry standing, the discovery of a critical remote code execution vulnerability in the default Windows antimalware engine underscores the persistent challenge of securing complex, widely deployed software. The fact that three related vulnerabilities disclosed in the same patch cycle (CVE-2026-41091, CVE-2026-45498, CVE-2026-45585) are already being exploited in the wild further illustrates the ongoing pressure on Microsoft's security response capabilities.
Threat Intelligence
The exploit code maturity for CVE-2026-45584 is currently listed as Unproven by Microsoft. No functional public exploit has been documented.
However, the threat context around this disclosure warrants attention. GovCERT.HK issued a High Threat Security Alert noting that multiple vulnerabilities patched in the same cycle, specifically CVE-2026-41091, CVE-2026-45498, and CVE-2026-45585, are already being exploited in the wild. Because CVE-2026-45584 was disclosed alongside these and affects similar components, the probability of threat actors reverse-engineering the patch to develop working exploits is elevated.
The provided intelligence does not attribute the active exploitation of the related CVEs to specific threat actors or APT groups. CVE-2026-45584 is not currently listed in the CISA Known Exploited Vulnerabilities catalog, though CISA has been actively adding vulnerabilities throughout April and May 2026. Organizations should monitor threat feeds and the CISA KEV catalog for any status changes.
References
- CVE-2026-45584 Detail, NVD
- CVE-2026-45584, Microsoft Security Update Guide
- Microsoft Defender Antivirus Updates Documentation
- CVE-2026-45584, CVE Feed
- GovCERT.HK High Threat Security Alert (A26-05-33)
- Microsoft: An Industry-Recognized Cybersecurity Leader
- CISA Adds One Known Exploited Vulnerability to Catalog (May 7, 2026)
- CISA Adds Seven Known Exploited Vulnerabilities to Catalog (April 13, 2026)
- CISA Adds Eight Known Exploited Vulnerabilities to Catalog (April 20, 2026)



