Microsoft Defender zero-days are being exploited in the wild.

Microsoft Defender zero-days are being exploited in the wild.
Microsoft released fixes for two actively exploited Defender vulnerabilities: CVE-2026-41091, a privilege-escalation flaw that can give attackers SYSTEM privileges, and CVE-2026-45498, a denial-of-service flaw affecting Defender. The bugs affect older Microsoft Malware Protection Engine and Defender Antimalware Platform versions. CISA added both vulnerabilities to its Known Exploited Vulnerabilities list, and U.S. federal agencies have a June 3 remediation deadline. Microsoft says most users should receive the updates automatically, but administrators are being urged to verify Defender platform and definition versions.