Microsoft Defender Zero-Day Flaws Actively Exploited, Patches Deployed
Microsoft disclosed two actively exploited zero‑day flaws in its Defender suite. CVE‑2026‑41091 is a privilege‑escalation bug in the Malware Protection Engine that can grant SYSTEM rights, while CVE‑2026‑45498 can trigger a denial‑of‑service condition in the Antimalware Platform. The company began rolling out updated engine versions (1.1.26040.8 and 4.18.26040.7) and advises users to verify that Defender updates are applied automatically.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added both vulnerabilities to its Known Exploited Vulnerabilities catalog and issued a binding operational directive requiring federal civilian agencies to remediate the flaws on Windows endpoints by June 3. CISA warned that the flaws pose significant risk to the federal enterprise and urged immediate mitigation.
Microsoft also provided step‑by‑step instructions for checking the Defender version and update status via the Windows Security app.