diff --git a/stl/src/xmbtowc.cpp b/stl/src/xmbtowc.cpp
index 2cc7f8766c..e34df4afa1 100644
--- a/stl/src/xmbtowc.cpp
+++ b/stl/src/xmbtowc.cpp
@@ -126,6 +126,12 @@ _MRTIMP2 _Success_(return >= 0) int __cdecl _Mbrtowc(
             }
         }
 
+        // Reject overlong forms and out-of-range code points (see N4950 [locale.codecvt.virtuals]/3)
+        if ((consumedCount == 2 && wch < 0x80u) || (consumedCount == 3 && wch < 0x800u) || wch > 0x10FFFFu) {
+            errno = EILSEQ;
+            return -1;
+        }
+
         if (wch >= 0xD800u && wch <= 0xDFFFu) { // tried to decode unpaired surrogate
             errno = EILSEQ;
             return -1;