Microsoft has recently issued a warning about two significant vulnerabilities in its Defender software that are currently being exploited. These flaws, identified as CVE-2026-41091 and CVE-2026-45498, are affecting the security of systems worldwide.
Details of the Vulnerabilities
The first vulnerability, CVE-2026-41091, is a privilege escalation issue that has been assigned a CVSS score of 7.8. It is caused by improper link resolution before file access and allows an attacker to gain SYSTEM-level access. In practice, an authorized user on an affected system can use the flaw to raise their privileges significantly.
The second flaw, CVE-2026-45498, is a denial-of-service vulnerability with a CVSS score of 4.0. It impacts the Defender system by potentially interrupting its regular operations. Both vulnerabilities have been addressed with updates in the Microsoft Defender Antimalware Platform versions 1.1.26040.8 and 4.18.26040.7.
Steps to Mitigate the Risks
Microsoft has assured users that systems with Defender disabled are not at risk. Users do not need to take manual action, because updates to the malware definitions and the protection engine are applied automatically. It is still important to confirm that the latest updates are installed by opening the Windows Security program and checking for updates.
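The same confirmation can be scripted with the Defender PowerShell module. The check below is an added example, not Microsoft's code or part of the original article; it assumes that 1.1.26040.8 is the engine version (AMEngineVersion) and 4.18.26040.7 is the platform version (AMProductVersion), and Test-DefenderPatched is a hypothetical helper name.

```powershell
# Added example: compare installed Defender versions with the fixed versions
# quoted in the article. The version-to-property mapping is an assumption.
$FixedEngine   = [version]'1.1.26040.8'    # assumed to be AMEngineVersion
$FixedPlatform = [version]'4.18.26040.7'   # assumed to be AMProductVersion

function Test-DefenderPatched {
    param(
        [string] $EngineVersion,
        [string] $PlatformVersion,
        [bool]   $AntivirusEnabled = $true
    )
    # The article reports that systems with Defender disabled are not at risk.
    if (-not $AntivirusEnabled) {
        return [pscustomobject]@{ Status = 'DefenderDisabled'; Detail = @() }
    }
    $behind = @()
    # [version] compares each field numerically, so 26040 sorts above 2604.
    if ([version]$EngineVersion -lt $FixedEngine) {
        $behind += "engine $EngineVersion is older than $FixedEngine"
    }
    if ([version]$PlatformVersion -lt $FixedPlatform) {
        $behind += "platform $PlatformVersion is older than $FixedPlatform"
    }
    $status = if ($behind.Count -gt 0) { 'NeedsUpdate' } else { 'Patched' }
    [pscustomobject]@{ Status = $status; Detail = $behind }
}

try {
    # Get-MpComputerStatus is unavailable when the Defender module is absent.
    $s = Get-MpComputerStatus -ErrorAction Stop
    $r = Test-DefenderPatched -EngineVersion $s.AMEngineVersion `
                              -PlatformVersion $s.AMProductVersion `
                              -AntivirusEnabled $s.AntivirusEnabled
    "{0}: {1}" -f $env:COMPUTERNAME, $r.Status
    $r.Detail | ForEach-Object { "  $_" }
}
catch {
    Write-Warning "Could not query Defender status: $($_.Exception.Message)"
}
```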
The discovery of these vulnerabilities is credited to various researchers, including Sibusiso, Diffract, Andrew C. Dorman, Damir Moldovanov, and an anonymous contributor. These efforts highlight the importance of collaborative work in identifying and mitigating cybersecurity risks.
Broader Implications and Future Updates
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has listed these vulnerabilities in its Known Exploited Vulnerabilities catalog, mandating that federal agencies address these issues by June 3, 2026. This directive underscores the critical nature of these security threats.
Microsoft has also reported an unrelated cross-site scripting vulnerability in Exchange Server, emphasizing the ongoing challenges in maintaining cybersecurity. Older vulnerabilities in Microsoft products, dating from 2008 to 2010, have also been included in CISA’s catalog, demonstrating the persistent need for vigilance and regular software updates.
In conclusion, staying informed and ensuring timely updates are pivotal in safeguarding systems against such vulnerabilities. As the cybersecurity landscape evolves, proactive measures and awareness remain key to mitigating risks and protecting sensitive data.
