Microsoft has disclosed that CVE-2026-41091 and CVE-2026-45498 in Defender are being actively exploited in the wild, with the former allowing local privilege escalation to SYSTEM and the latter causing denial of service. CISA has added both flaws to its KEV catalog, while Microsoft says the issues are fixed in Defender Antimalware Platform versions 1.1.26040.8 and 4.18.26040.7. #CVE-2026-41091 #CVE-2026-45498 #MicrosoftDefender #CISA #KEV
Keypoints
- Microsoft Defender flaws CVE-2026-41091 and CVE-2026-45498 are being exploited in the wild.
- CVE-2026-41091 can let an authorized attacker gain SYSTEM privileges locally.
- CVE-2026-45498 is a denial-of-service issue affecting Microsoft Defender.
- Microsoft says the fixes are included in Defender Antimalware Platform versions 1.1.26040.8 and 4.18.26040.7.
- CISA has added both vulnerabilities to its Known Exploited Vulnerabilities catalog with a June 3, 2026 deadline for FCEB agencies.
Read More: https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html