Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft disclosed active exploitation of multiple Microsoft Defender vulnerabilities, including a local privilege escalation (CVE-2026-41091, CVSS 7.8) and a denial-of-service bug (CVE-2026-45498, CVSS 4.0); a separate heap-based buffer overflow (CVE-2026-45584, CVSS 8.1) was patched but not seen exploited. Microsoft released Defender platform updates to remediate the issues, and CISA added the actively exploited CVEs to its Known Exploited Vulnerabilities catalog, requiring federal agencies to apply fixes.