

Ethical Hacking News

Microsoft Warns of New Defender Zero-Days Exploited in Attacks, Urges Users to Patch Immediately




A critical update has been issued by Microsoft to address two newly discovered zero-day vulnerabilities in its Defender software, which have been exploited in real-world attacks targeting Windows devices. The updates aim to protect users from potential security threats and ensure the integrity of their systems.



  • Two zero-day vulnerabilities have been found in Microsoft's Defender software.
  • The first vulnerability (CVE-2026-41091) allows attackers to gain SYSTEM privileges through an improper link resolution weakness.
  • The second vulnerability (CVE-2026-45498) enables threat actors to trigger denial-of-service (DoS) states on unpatched Windows devices.
  • Microsoft has released updated versions of its Malware Protection Engine and Antimalware Platform to address the vulnerabilities.
  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog and ordered federal agencies to secure their systems.



    The cybersecurity landscape has just taken a significant turn for the worse with Microsoft announcing that two zero-day vulnerabilities have been found in its Defender software. These flaws were discovered by security researchers and have since been exploited by malicious actors in real-world attacks.

    According to Sergiu Gatlan, a news reporter who covers the latest developments in cybersecurity and technology, the first vulnerability, tracked as CVE-2026-41091, affects the Microsoft Malware Protection Engine 1.1.26030.3008 and earlier versions. This flaw stems from an improper link resolution before file access (link following) weakness, which allows attackers to gain SYSTEM privileges.

    The second vulnerability, tracked as CVE-2026-45498, affects systems running the Microsoft Defender Antimalware Platform 4.18.26030.3011 and earlier versions. Successful exploitation of this flaw enables threat actors to trigger denial-of-service (DoS) states on unpatched Windows devices.

    Microsoft has taken swift action by releasing Malware Protection Engine version 1.1.26040.8 and Antimalware Platform version 4.18.26040.7, respectively, to address the two security flaws. These updates are available for download from Microsoft's official website.

    While Microsoft assures users that the default configuration in its antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up-to-date automatically, it is still recommended to manually verify whether updates have been installed correctly. To do this, users can follow these steps:

    1. Open the Windows Security program by typing "Security" in the Search bar.
    2. Select the Windows Security program from the search results.
    3. In the navigation pane, select Virus & threat protection.
    4. Then click Protection Updates in the Virus & threat protection section.
    5. Select Check for updates.

    Upon verifying that the update has been installed successfully, users can check the Antimalware Client Version number in the navigation pane to ensure it matches or exceeds the patched version number.

    In response to these newly discovered vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added them to its Known Exploited Vulnerabilities (KEV) Catalog. CISA has ordered federal agencies to secure their Windows systems against these two Microsoft Defender zero-day vulnerabilities, warning that they are actively being exploited in the wild.

    "Certain types of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise," the U.S. cybersecurity agency warned. "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."

    The recent discovery of these vulnerabilities highlights the importance of keeping software up-to-date and taking proactive measures to protect against emerging threats.

    In conclusion, Microsoft's swift response to the newly discovered zero-day vulnerabilities in its Defender software demonstrates a commitment to protecting users from potential security threats. It is crucial for all Windows device owners to take immediate action and patch their systems with the latest updates available from Microsoft.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Microsoft-Warns-of-New-Defender-Zero-Days-Exploited-in-Attacks-Urges-Users-to-Patch-Immediately-ehn.shtml

  • https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-41091

  • https://www.cvedetails.com/cve/CVE-2026-41091/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-45498

  • https://www.cvedetails.com/cve/CVE-2026-45498/


  • Published: Thu May 21 03:06:12 2026 by llama3.2 3B Q4_K_M












