Ethical Hacking News
Two actively exploited vulnerabilities in Microsoft's Defender platform, CVE-2026-41091 and CVE-2026-45498, allow attackers to gain SYSTEM privileges or cause a denial of service. Follow the steps at the end of this article to confirm that the latest updates are installed, and stay informed about potential security risks.
Microsoft has disclosed two vulnerabilities in its Defender platform that are currently being exploited in the wild, highlighting the ongoing threat landscape for cybersecurity.
The vulnerabilities, CVE-2026-41091 and CVE-2026-45498, pose significant risks to systems running Microsoft's Antimalware Platform, potentially allowing attackers to gain SYSTEM privileges or cause denial-of-service (DoS) attacks.
Microsoft has released patches for both vulnerabilities in recent updates, including version 1.1.26040.8 for CVE-2026-41091 and version 4.18.26040.7 for CVE-2026-45498.
Sysadmins are recommended to install the latest updates and ensure their systems are running the latest version of the platform to mitigate the risks.
Microsoft has recently disclosed that two vulnerabilities in its Defender platform have come under active exploitation in the wild, highlighting the ongoing threat landscape for cybersecurity. The vulnerabilities, tracked as CVE-2026-41091 and CVE-2026-45498, pose significant risks to systems running Microsoft's Antimalware Platform, as they can be exploited by attackers to gain SYSTEM privileges or cause denial-of-service (DoS) attacks.
The first vulnerability, CVE-2026-41091, is rated 7.8 on the Common Vulnerability Scoring System (CVSS), indicating a high level of severity. This flaw, an improper link resolution before file access (link following) weakness, allows an authorized attacker to elevate privileges locally, compromising system security. Microsoft's advisory notes that this vulnerability has been addressed in the latest version of the Microsoft Defender Antimalware Platform, version 1.1.26040.8.
The second vulnerability, CVE-2026-45498, is rated 4.0 on the CVSS scale, indicating a moderate level of severity. This DoS bug impacts the Defender platform, causing it to crash or become unresponsive under certain conditions. Microsoft has also released an update to address this issue in version 4.18.26040.7.
It's worth noting that systems with Microsoft Defender disabled are not susceptible to these vulnerabilities, as they do not have the necessary protection mechanisms in place. However, for users who rely on Microsoft's Antimalware Platform for security, it is recommended to install the latest updates and ensure that their system is running the latest version of the platform.
The discovery and reporting of these vulnerabilities can be attributed to five different parties: Sibusiso, Diffract, Andrew C. Dorman (aka ACD421), Damir Moldovanov, and an anonymous researcher. These individuals have played a crucial role in identifying and informing Microsoft about these critical security flaws.
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added both CVE-2026-41091 and CVE-2026-45498 to its Known Exploited Vulnerabilities (KEV) catalog, which requires Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 3, 2026. This move underscores the gravity of these vulnerabilities and emphasizes the importance of prompt patching and remediation.
In recent weeks, Microsoft has disclosed two additional vulnerabilities in its products: a cross-site scripting flaw impacting on-premise versions of Exchange Server (CVE-2026-42897, CVSS score: 8.1) and four older vulnerabilities from 2008, 2009, and 2010, which have been added to the KEV catalog. The exploits for these older vulnerabilities are likely to be different from those for the newer CVE-2026-41091 and CVE-2026-45498.
The exploitation of Microsoft's Defender vulnerabilities highlights the importance of continuous monitoring and patching of software systems. As new threats emerge, it is essential for organizations to stay vigilant and proactive in protecting their assets. The recent disclosures also underscore the need for cybersecurity awareness and education, as users and administrators must be informed about potential security risks and take steps to mitigate them.
To ensure the latest version of the Microsoft Malware Protection Platform and definition updates are being actively downloaded and installed, users can follow these steps:
1. Open the Windows Security program.
2. In the navigation pane, select Virus & threat protection.
3. Then click on Protection Updates in the Virus & threat protection updates section.
4. Select Check for updates.
5. In the navigation pane, select Settings, and then select About.
6. Examine the Antimalware Client Version number.
By taking these steps and staying informed about potential security risks, users can help ensure their systems remain secure and protected against threats like those posed by CVE-2026-41091 and CVE-2026-45498.
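The same check from PowerShell, as an added example that is not part of the original article or of Microsoft's advisory: it reads the versions reported by `Get-MpComputerStatus` and compares them with the fixed versions quoted above. Reading 1.1.x from `AMEngineVersion` and 4.18.x from `AMProductVersion` is an assumption based on the numbering those fields use, and `Test-DefenderPatchLevel`, `$FixedVersions` and the sample values are constructed for illustration.

```powershell
# Added example: compare Defender component versions with the fixed versions in the article.
# Assumption: 1.1.x is read from AMEngineVersion and 4.18.x from AMProductVersion because
# those fields use the same numbering; the article gives only the version numbers.
$FixedVersions = @(
    [pscustomobject]@{ Cve = 'CVE-2026-41091'; Field = 'AMEngineVersion';  Fixed = [version]'1.1.26040.8' }
    [pscustomobject]@{ Cve = 'CVE-2026-45498'; Field = 'AMProductVersion'; Fixed = [version]'4.18.26040.7' }
)

function Test-DefenderPatchLevel {
    param([Parameter(Mandatory)] $Status)   # Get-MpComputerStatus output, or an object shaped like it

    foreach ($item in $FixedVersions) {
        $installed = $null
        $parsed = [version]::TryParse([string]$Status.($item.Field), [ref]$installed)

        $state = if (-not $Status.AMServiceEnabled) {
            'DefenderDisabled'      # the article states disabled systems are not susceptible
        } elseif (-not $parsed) {
            'UnknownVersion'        # empty or malformed value: needs investigation
        } elseif ($installed -ge $item.Fixed) {
            'Patched'
        } else {
            'NeedsUpdate'
        }

        [pscustomobject]@{
            Cve       = $item.Cve
            Field     = $item.Field
            Installed = $Status.($item.Field)
            Fixed     = $item.Fixed
            State     = $state
        }
    }
}

# Constructed sample: engine one release behind, platform already at the fixed version.
$sample = [pscustomobject]@{
    AMServiceEnabled = $true
    AMEngineVersion  = '1.1.26030.3'
    AMProductVersion = '4.18.26040.7'
}
Test-DefenderPatchLevel -Status $sample | Format-Table -AutoSize

# On a host with the Defender module available, evaluate the real status (read-only).
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    Test-DefenderPatchLevel -Status (Get-MpComputerStatus) | Format-Table -AutoSize
}
```

Because the function takes the status object as a parameter, the same comparison can be run over `Get-MpComputerStatus` results collected from many hosts to list the ones still reporting `NeedsUpdate`.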
Published: Thu May 21 08:19:55 2026 by llama3.2 3B Q4_K_M