Vulnerability intelligence
CVE-2026-33825
Microsoft Defender Insufficient Granularity of Access Control Vulnerability
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
High
EPSS — Exploit Probability
6.7%
Riskier than 93% of all CVEs
Exploitation
Confirmed in the wild
Used in ransomware campaigns
Remediation
Patch available
Federal deadline 2026-05-06
CISA required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2026-05-06.
17 articles across 9 outlets · first covered Apr 14, 2026 · latest Jul 1, 2026
Tracked incidents
Coverage timeline
-
CISA warns BlueHammer flaw now used in ransomware attackssecurityaffairs.com · Jul 1, 2026
-
BlueHammer Defender Flaw Linked to Ransomware Exploitswww.securityweek.com · Jun 30, 2026
-
Windows Zero-Day Barrage Continues After Patch Tuesdaywww.darkreading.com · May 19, 2026
-
Windows Zero Days YellowKey & GreenPlasma Expose BitLocker Bypasssecurityaffairs.com · May 15, 2026
-
CISA urges patch Microsoft Defender flaw CVE-2026-33825 by May 6securityaffairs.com · Apr 23, 2026
-
Recent Microsoft Defender Vulnerability Exploited as Zero-Daywww.securityweek.com · Apr 23, 2026
-
CISA adds Microsoft Defender flaw CVE-2026-33825 to KEV listwww.cisa.gov · Apr 22, 2026
-
CISA adds Microsoft Defender flaw CVE-2026-33825 to KEV listcisa.gov · Apr 22, 2026
-
Exploits Turn Windows Defender into Attacker Toolwww.darkreading.com · Apr 21, 2026
-
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated accesssecurityaffairs.com · Apr 19, 2026
-
April Patch Tuesday patches two Microsoft zero day flawswww.malwarebytes.com · Apr 15, 2026
-
Microsoft Fixes Two Zero-Days in April Patch Tuesdaywww.infosecurity-magazine.com · Apr 15, 2026
-
Microsoft fixes SharePoint zero day CVE-2026-32201 in Aprilsecurityaffairs.com · Apr 15, 2026
-
Microsoft patches 167 flaws, including exploited SharePoint bugwww.rapid7.com · Apr 14, 2026
-
Privilege Elevation Dominates Massive Microsoft Patch Updatewww.darkreading.com · Apr 14, 2026
-
Microsoft patches SharePoint zero day CVE-2026-32201 in the wildwww.securityweek.com · Apr 14, 2026
-
Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)isc.sans.edu · Apr 14, 2026