Microsoft Defender vulnerabilities are being exploited in the wild.

Microsoft Defender vulnerabilities are being exploited in the wild.
Attackers are exploiting two Microsoft Defender flaws: CVE-2026-41091 and CVE-2026-45498. One can allow local privilege escalation, while the other can cause denial of service; Microsoft fixed them in updated Defender engine/platform versions, and CISA added them to KEV with a federal remediation deadline of June 3, 2026. This is especially sensitive because Defender is itself a security tool, so compromise or bypass of it can help attackers persist inside already-targeted systems.