Microsoft patches critical Windows Defender zero‑day flaws after active exploits
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that two zero‑day vulnerabilities in Microsoft Defender are being actively exploited. CVE‑2026‑41091 allows attackers to elevate privileges to SYSTEM level via the Malware Protection Engine, while CVE‑2026‑45498 can trigger a denial‑of‑service condition in the antimalware platform. CISA added both flaws to its catalog of exploited vulnerabilities and ordered federal agencies to apply patches by June 3, 2026.
Microsoft released updated components – version 1.1.26040.8 for the Malware Protection Engine and version 4.18.26040.7 for the antimalware platform – to remediate the issues. The patches cover affected Windows 10, Windows 11, and related Microsoft security products used in enterprise environments worldwide.
Separately, India’s CERT‑In issued an advisory (CIVN‑2026‑0256) highlighting additional Windows, Office, SharePoint and Edge weaknesses that could enable remote code execution or data theft. The Indian warning underscores the global scope of the threat landscape surrounding Microsoft software.