Microsoft Antivirus Engine Integer Overflow Vulnerability

Microsoft Antivirus Engine Integer Overflow Vulnerability

Microsoft Antivirus Engine is prone to an integer-overflow vulnerability when the application processes maliciously crafted files.

This issue is currently being exploited via Portable Document Files (PDF), but other Microsoft applications are also reported vulnerable.

An attacker could exploit this issue by enticing a victim into receiving or opening a malicious Office file. If the vulnerability is successfully exploited, this could result in the execution of arbitrary code in the context of the currently logged-in user.