• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Sq Magazine LogoSQ Magazine

Smarter Insights for a Fast-Moving Digital World

  • Latest News
  • Statistics
  • About
  • Contact
Subscribe
Sq Magazine Logo
  • Latest News
  • Statistics
  • About
  • Contact
Subscribe
Home » Cybersecurity

Microsoft Patches Active Defender Zero Day Vulnerabilities

Published on: May 21, 2026
Sofia Ramirez
Written By
Sofia Ramirez
Sofia Ramirez
Senior Tech Writer • 477 Articles
Sofia Ramirez is a technology and cybersecurity writer at SQ Magazine. With a keen eye on emerging threats and innovations, she helps reader...
LATEST POSTS:
Adobe ColdFusion Max-Severity Flaw Now Under Attack
HP DeskJet 2800 Flaw Leaks Wi-Fi Passwords
Microsoft Cuts 4,800 Jobs, Resets Xbox Strategy
Robert A. Lee
Reviewed By
Robert A. Lee
Robert A. Lee
Senior Editor • 399 Articles
Robert A. Lee is a journalist at SQ Magazine who unpacks the fast-moving worlds of gaming and internet trends. He tracks everything from maj...
LATEST POSTS:
PS5 vs Xbox Series X 2026: Full Spec, Performance and Value Comparison
Hulu Statistics 2026: Subscribers, Revenue and Market Share
Spotify vs Apple Music Statistics 2026: Subscribers, Revenue, Market Share
Microsoft Patches Active Defender Zero Day
As Featured In
The New York Times LogoForbes LogoWired LogoDeloitte LogoResearch.com Logo
Share on LinkedIn ChatGPT Perplexity Share on X Share on Facebook

Microsoft has released emergency security updates for two actively exploited zero day vulnerabilities affecting Microsoft Defender, prompting urgent warnings from cybersecurity agencies and security researchers.

Quick Summary – TLDR:

  • Microsoft patched two zero day flaws affecting Microsoft Defender and related security products.
  • One vulnerability could allow attackers to gain SYSTEM level privileges.
  • The second flaw could trigger denial of service attacks on vulnerable devices.
  • CISA added both vulnerabilities to its Known Exploited Vulnerabilities catalog and ordered federal agencies to patch systems by June 3.

What Happened?

Microsoft has rolled out emergency fixes for two security flaws in Microsoft Defender that attackers are already exploiting in real world attacks. The vulnerabilities affect core Defender components used across Windows systems and enterprise security environments.

The flaws, tracked as CVE-2026-41091 and CVE-2026-45498, impact the Microsoft Malware Protection Engine and Microsoft Defender Antimalware Platform. Security experts say the bugs could allow attackers to gain powerful system access or disrupt security operations on targeted devices.

🚨 Microsoft warns two Defender vulnerabilities are being actively exploited in the wild.https://t.co/zWPNKTIidF

🔸 CVE-2026-41091 could allow attackers to gain SYSTEM privileges locally.
🔸 CVE-2026-45498 is a denial-of-service flaw impacting Defender.

CISA added both to KEV… pic.twitter.com/S2PQ9D2fch

— The Hacker News (@TheHackersNews) May 21, 2026

Microsoft Confirms Active Exploitation

The first vulnerability, CVE-2026-41091, is an elevation of privilege flaw caused by improper link resolution before file access. Microsoft said the issue affects Microsoft Malware Protection Engine version 1.1.26030.3008 and earlier.

If successfully exploited, attackers can gain SYSTEM privileges, giving them deep control over affected Windows devices. Because Microsoft Defender operates with elevated permissions, security researchers warn that exploitation could allow attackers to bypass protections, manipulate files, or execute malicious actions with full system access.

Microsoft fixed the issue in Malware Protection Engine version 1.1.26040.8.

The second vulnerability, CVE-2026-45498, is a denial of service flaw affecting Microsoft Defender Antimalware Platform version 4.18.26030.3011 and earlier. The issue was patched in platform version 4.18.26040.7.

Unlike the first vulnerability, this flaw does not enable remote code execution. However, attackers could still abuse it to crash systems or disrupt enterprise security operations.

Wider Impact on Microsoft Security Products

Microsoft confirmed that the affected antimalware platform is also used by several older Microsoft security products, including:

  • Microsoft Security Essentials
  • Microsoft System Center Endpoint Protection
  • Microsoft System Center 2012 Endpoint Protection
  • Microsoft System Center 2012 R2 Endpoint Protection

The company noted that systems with Microsoft Defender disabled are not vulnerable to exploitation, even if Defender files remain present on the device.

Newsletter
Subscribe To Our Newsletter!

Be the first to get exclusive offers and the latest news.

Links to Public Exploit Research

Security researcher Fabian Bader said the newly patched flaws are related to the publicly disclosed BlueHammer exploit released by researcher Chaos Eclipse last month.

According to Bader, the vulnerabilities are variants known as UnDefend and RedSun, both connected to the wider BlueHammer attack technique that has already been seen in active attacks.

Microsoft has not publicly shared details about the attackers or how widespread the exploitation currently is.

CISA Adds Vulnerabilities to KEV List

The U.S. Cybersecurity and Infrastructure Security Agency, better known as CISA, has added both flaws to its Known Exploited Vulnerabilities catalog.

Federal agencies are required to secure affected systems by June 3 under current federal remediation guidelines. CISA warned that vulnerabilities affecting security software are especially dangerous because they often run with elevated privileges inside enterprise environments.

The agency also encouraged private organizations to review the KEV catalog and prioritize patching systems vulnerable to active attacks.

Busy Week for Microsoft Security Teams

The Defender zero days arrive during an intense week for Microsoft security teams. The company has already faced multiple security incidents and vulnerability disclosures in recent days.

Microsoft Exchange administrators were recently warned about another active zero day exploit requiring emergency mitigation. At the same time, researchers at the Pwn2Own Berlin hacking event uncovered several new Windows vulnerabilities, while Microsoft also continued investigating attacks linked to the YellowKey exploit and the Storm 2949 threat group targeting Microsoft 365 and Azure customers.

With attackers increasingly targeting security products themselves, experts say organizations should verify that Defender platform updates and malware definitions are installing correctly across all Windows environments.

SQ Magazine Takeaway

I think this incident shows how dangerous modern attacks have become. Attackers are no longer just targeting apps or browsers. They are now going directly after security software that already has deep system access. That makes these vulnerabilities especially serious for businesses and government agencies. Microsoft moved quickly with patches, but this is another reminder that security tools themselves can become high value attack targets if updates are delayed.

This article has been reviewed and fact-checked by Robert A. Lee. SQ Magazine follows strict Publishing Principles and a documented Fact-Check Policy to ensure accuracy, transparency, and editorial independence across all content.

Add SQ Magazine as a Preferred Source on Google for updates! Follow on Google News
Share ChatGPT Perplexity

References

  • CVE-2026-41091 Details
  • CVE-2026-45498 Details
Sofia Ramirez

Sofia Ramirez

Senior Tech Writer


Sofia Ramirez is a technology and cybersecurity writer at SQ Magazine. With a keen eye on emerging threats and innovations, she helps readers stay informed and secure in today’s fast-changing tech landscape. Passionate about making cybersecurity accessible, Sofia blends research-driven analysis with straightforward explanations; so whether you’re a tech professional or a curious reader, her work ensures you’re always one step ahead in the digital world.

Related Posts

Cisa Warns To Patch Windows Server Wsus Flaw
Cybersecurity

Hackers Exploit WSUS Flaw as Feds Rush to Secure Vulnerable Servers

Microsoft Defender Adds Rpc Attack Detection
Cybersecurity

Microsoft Defender Adds RPC Attack Detection Features

Microsoft Patches Sharepoint Remote Code Execution Bug
Cybersecurity

Microsoft Patches SharePoint Remote Code Execution Bug

Disclaimer: The content published on SQ Magazine is for informational and educational purposes only. Please verify details independently before making any important decisions based on our content.

Reader Interactions

Leave a Comment Cancel reply

Primary Sidebar

Connect With Us

facebook x linkedin google-news telegram pinterest whatsapp email
google-preferred-source-badge Add as a preferred source on Google

You Should Also Read

Microsoft Confirms Exploitation of Critical Windows Remote Access Flaw in the Wild
Microsoft Scrambles to Fix Defender Bug Triggering Fake BIOS Updates
Microsoft Urges Responsible Zero Day Disclosure Practices

Table of Contents

  • Quick Summary – TLDR:
  • What Happened?
  • Microsoft Confirms Active Exploitation
  • Wider Impact on Microsoft Security Products
  • Links to Public Exploit Research
  • CISA Adds Vulnerabilities to KEV List
  • Busy Week for Microsoft Security Teams
  • SQ Magazine Takeaway
Connect on Telegram

Footer

SQ Magazine Logo

Smarter Insights for a Fast-Moving Digital World

Connect With Us

Follow Us on Google News

Editorial & Trust

  • About
  • Publishing Principles
  • Fact-Check Policy
  • Corrections Policy
  • Ethics Policy
  • Disclaimer

Worth Checking

  • Social Media Attention Span Stats
  • Gen Z Social Media Statistics
  • TikTok vs. Instagram Statistics
  • LLM Hallucination Statistics
  • Spotify User Statistics
  • Apple Customer Loyalty Statistics
Contact Us
13570 Grove Dr #189,
Maple Grove, MN 55311,
United States
10 a.m. to 6 p.m. | Every day

Copyright © 2022–2026 SQ Magazine. All Rights Reserved. Powered by the Neural Stack.

  • Privacy Policy
  • Terms
  • Accessibility Statement
Company
  • About Us
  • Our Team
  • Our Mission
  • Core Values
Discover
  • Brand Assets
    Brand Assets
  • Stats Methodology
    Stats Research Process
  • Glossary
    Glossary
Categories
  • Internet
  • Technology
  • Artificial Intelligence
  • Gaming
  • Cybersecurity
Internet
Hulu Statistics
Hulu Statistics 2026: Subscribers, Revenue and Market Share
Spotify vs Apple Music Statistics
Spotify vs Apple Music Statistics 2026: Subscribers, Revenue, Market Share
Time Spent on TikTok Statistics
Time Spent on TikTok Statistics 2026: Daily Minutes by Age
Google Workspace Statistics
Google Workspace Statistics 2026: Users, Market Share and AI
YouTube vs TikTok Statistics
YouTube vs TikTok Statistics 2026: Users, Revenue, Creator Economy
Internet Outage Statistics
Internet Outage Statistics 2026: Frequency, Cost and Causes
Technology
Google Cloud Platform Statistics
Google Cloud Platform Statistics 2026: Market Growth
Asana Statistics
Asana Statistics 2026: Revenue, Customers, AI ARR and Market Share
AWS Statistics
AWS Statistics 2026: Revenue, Market Share and AI Growth
Adobe Creative Cloud Statistics
Adobe Creative Cloud Statistics 2026: Subscribers, Revenue and Market Share
Adobe Statistics
Adobe Statistics 2026: Revenue, ARR, and Workforce Data
Employee Productivity Statistics
Employee Productivity Statistics 2026: Engagement, Costs & Trends
Artificial Intelligence
Grammarly AI Statistics
Grammarly AI Statistics 2026: Users, Revenue, Funding, Rebrand
Copilot Statistics
Copilot Statistics 2026: Users, Adoption, Revenue and Market Share
AI Image Generation Statistics
AI Image Generation Statistics 2026: Market Size, Adoption & Risks
Machine Learning Adoption
Machine Learning Adoption in 2026: What Businesses Need to Know
AI Influencer Marketing Statistics
AI Influencer Marketing Statistics: Market Size and Engagement
AI Market Statistics
AI Market Statistics 2026: Size, Growth & Investment
Gaming
Online Gambling Regulations Statistics
Online Gambling Regulations Statistics 2026: Global Compliance and Enforcement Data
Fantasy Sports Statistics
Fantasy Sports Statistics 2026: Users, Revenue & Trends
Apex Legends Statistics
Apex Legends Statistics 2026: Players, Revenue, and Esports
Fortnite Statistics
Fortnite Statistics 2026: Players, Revenue, Esports, and Engagement
Gamers Statistics
Gamers Statistics 2026: Players, Habits & Global Data
Minecraft Statistics
Minecraft Statistics 2026: 300 Million Copies Sold & 212M Monthly Players
Cybersecurity
Password Statistics
Password Statistics 2026: Credential Theft, MFA, and the Passkey Tipping Point
Identity Theft Statistics
Identity Theft Statistics 2026: Key Fraud Data and Trends
CVE Statistics
CVE Statistics 2026: Severity Distribution and Top Affected Vendors
Dark Web AI Tool Marketplace Statistics
Dark Web AI Tool Marketplace Statistics 2026: Explosive Market Growth
API Security Breach Statistics
API Security Breach Statistics 2026: Hidden Threats
AI Voice Cloning Fraud Statistics
AI Voice Cloning Fraud Statistics 2026: Alarming Trends You Must Know Now
Categories
  • Cybersecurity
  • Artificial Intelligence
  • Internet
  • Technology
  • Gaming
Cybersecurity
Accenture Confirms Breach After Hacker Lists Stolen Data
Accenture Confirms Breach After Hacker Lists Stolen Data
Adobe Coldfusion Max Severity Flaw Now Under Attack
Adobe ColdFusion Max-Severity Flaw Now Under Attack
Hp Deskjet 2800 Flaw Leaks Wi Fi Passwords
HP DeskJet 2800 Flaw Leaks Wi-Fi Passwords
Pamstealer Macos Malware Exposed
PamStealer Malware Verifies Stolen Mac Passwords Live
Google Fbi Disrupt Netnut Residential Proxy Network
Google, FBI Disrupt NetNut Residential Proxy Network
India Drafts Stricter Rules For Vpn Providers
India Drafts Stricter Rules for VPN Providers: Report
Artificial Intelligence
Openai Launches Gpt Live Full Duplex Voice Models
OpenAI Launches GPT-Live Full-Duplex Voice Models
Trump Administration Clears Openai S Gpt 5 6 For Launch
Trump Administration Clears OpenAI’s GPT-5.6 for Launch
Anthropic Extends Claude Fable 5 Included Access
Anthropic Extends Claude Fable 5 Included Access
Anthropic Brings Claude Cowork To Phones And Web
Anthropic Brings Claude Cowork to Phones and Web
Terawulf Signs 20 Year 19 Billion Anthropic Lease
TeraWulf Signs 20-Year, $19 Billion Anthropic Lease
Microsoft Launches Frontier Company
Microsoft Launches Frontier Company With $2.5B Bet
Internet
Whatsapp Launches Username Reservation Feature
WhatsApp Opens Username Reservations for Its 3 Billion Users
Chrome 149 Update Fixes Serious Vulnerabilities
Google Chrome 149 Fixes 18 Serious Security Flaws
Meta Hands Whatsapp Reins To Cred Founder Kunal Shah
Meta Hands WhatsApp Reins to CRED Founder Kunal Shah
Major X Outage Disrupts Users Worldwide
Major X Outage Disrupts Users Worldwide, Service Restored
Meta Adds 13 Plus Age Verification For Teen Safety
Meta Adds 13+ Content Settings and AI Age Checks for Teens
Telegram Restricted In India Temporarily
Telegram Restricted in India as NEET Fraud Crackdown Grows
Technology
Microsoft Lays Off 4800 Employees
Microsoft Cuts 4,800 Jobs, Resets Xbox Strategy
Chrome Update Fixes 382 Vulnerabilities
Chrome 150 Patches 382 Security Fixes, 15 Critical
Apple Leak Reveals Six New Iphones For 2027
Massive Apple Leak Reveals Six New iPhones for 2027
Google Finance Comes Out Of Beta With Android App
Google Finance Gets Major AI Upgrade and New Android App
Windows Recycle Bin Bug Confirmed After June Security Update
Windows Recycle Bin Bug Confirmed After June Security Update
Apple Urgently Fixes Beats Studio Buds Bug
Apple Urgently Fixes Beats Studio Buds Bug That Enabled Spying
Gaming
Gta Vi Official Cover Art
GTA 6 Pre-Orders Start June 25, New Cover Art Unveiled
Epic Games Teases Unreal Engine 6 For Rocket League
Epic Games Teases Unreal Engine 6 for Rocket League
Stardew Valley Launched For Nintendo Switch 2 Edition
Stardew Valley Switch 2 Edition Arrives with Online Co-op
Hogwarts Legacy Game Crosses 40m Downloads
Hogwarts Legacy Crosses 40M Sales, Beating Industry Giants
Pubg Black Budget Closed Alpha Launched
PUBG: Black Budget Launches Closed Alpha Test With a Bold PvPvE Twist
Counter Strike 2 Skin Market Crashes After Valve Update
Counter-Strike 2’s $5.9 Billion Skin Economy Just Got Shattered
Newsletter

Subscribe To Our Newsletter!

Be the first to get exclusive offers and the latest news.

Newsletter

Subscribe To Our Newsletter!

Be the first to get exclusive offers and the latest news.