Microsoft Defender vulnerabilities are being exploited in the wild

Two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498) are being actively exploited in the wild; the first permits local attackers to elevate to SYSTEM (CVSS 7.8) and the second enables denial-of-service (CVSS 4.0). CISA added them to its Known Exploited Vulnerabilities catalog and Microsoft’s Defender platform update 4.18.26040.7 contains the fixes—administrators should ensure Windows Update and Defender platform/intelligence updates are applied.