ON May 21, 2026, it was reported that two vulnerabilities within Microsoft Defender are actively being exploited. These were added to the CISA's Known Exploited Vulnerabilities catalog, indicating that they pose significant risks. The vulnerabilities include:
1. CVE-2026-41091: An elevation of privilege vulnerability (CVSS score 7.8), allowing attackers with local access to gain SYSTEM-level control.
2. CVE-2026-45498: A denial-of-service vulnerability (CVSS score 4.0), enabling attackers to hinder Defender's operations, potentially allowing malware to run undetected.
It is crucial for users and organizations relying on Microsoft Defender to install patches, especially if they manage shared systems. Users are advised to enable Windows Updates and confirm they have the latest Defender platform version 4.18.26040.7 installed to mitigate these vulnerabilities.