Microsoft Warns of New Defender Zero-Days Exploited in Attacks
Microsoft has issued emergency security patches for two critical vulnerabilities in its Defender software, which have been exploited in recent attacks.
According to Microsoft, “These vulnerabilities allow an attacker to execute arbitrary code with elevated privileges, potentially leading to unauthorized access to sensitive data or system compromise.”
Affected Components and Versions
- CVE-2026-41091: Microsoft Malware Protection Engine version 1.1.26030.3008 and earlier
- CVE-2026-45498: Microsoft Defender Antimalware Platform version 4.18.26030.3011 and earlier
Patches Released
Microsoft has released updated versions of the affected components:
- Malware Protection Engine 1.1.26040.8
- Microsoft Defender Antimalware Platform 4.18.26040.7
Recommendations for Users
- Verify that Windows Defender Antimalware Platform updates and malware definitions are configured to install automatically.
- Check the Antimalware Client Version number to confirm that the update was successfully installed.
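The version check recommended above can be scripted. The following PowerShell is an added example, not code from Microsoft or from the original article. It reads the installed versions with `Get-MpComputerStatus` and compares them against the affected and fixed version numbers listed in this article. The function name `Get-DefenderPatchState` and the three result labels are assumptions made for the example.

```powershell
# Added example. Thresholds are the version numbers quoted in this article.
$Components = @(
    [pscustomobject]@{
        Name = 'Malware Protection Engine'; Cve = 'CVE-2026-41091'
        Property = 'AMEngineVersion'        # engine version reported by Defender
        LastAffected = [version]'1.1.26030.3008'; Fixed = [version]'1.1.26040.8'
    }
    [pscustomobject]@{
        Name = 'Defender Antimalware Platform'; Cve = 'CVE-2026-45498'
        Property = 'AMProductVersion'       # the "Antimalware Client Version"
        LastAffected = [version]'4.18.26030.3011'; Fixed = [version]'4.18.26040.7'
    }
)

# Hypothetical helper: classify one installed version against the two thresholds.
function Get-DefenderPatchState {
    param(
        [Parameter(Mandatory)][version]$Installed,
        [Parameter(Mandatory)][version]$LastAffected,
        [Parameter(Mandatory)][version]$Fixed
    )
    if ($Installed -ge $Fixed)        { return 'Patched' }
    if ($Installed -le $LastAffected) { return 'Vulnerable' }
    # Between the two thresholds the article gives no statement, so do not guess.
    return 'Unknown'
}

try {
    $status = Get-MpComputerStatus -ErrorAction Stop
} catch {
    Write-Warning "Defender status unavailable: $($_.Exception.Message)"
    return
}

foreach ($c in $Components) {
    $raw = [string]$status.($c.Property)
    $installed = $null
    if (-not [version]::TryParse($raw, [ref]$installed)) {
        Write-Warning "$($c.Name): could not parse version '$raw'"
        continue
    }
    [pscustomobject]@{
        Component = $c.Name
        CVE       = $c.Cve
        Installed = $installed
        FixedIn   = $c.Fixed
        State     = Get-DefenderPatchState $installed $c.LastAffected $c.Fixed
    }
}
```

Casting to `[version]` matters here: a plain string comparison would order `1.1.26040.8` incorrectly against four-digit build suffixes such as `1.1.26030.3008`.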
Government Response
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added the two Microsoft Defender zero-day vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their Windows endpoints and servers within two weeks, by June 3, as mandated by Binding Operational Directive (BOD) 22-01.
