Microsoft is issuing an emergency update for its Defender security software following confirmation from CISA that two zero-day vulnerabilities are actively being exploited. One vulnerability, CVE-2026-41091, allows for privilege escalation within the Microsoft Malware Protection Engine. The second, CVE-2026-45498, is a denial-of-service vulnerability affecting the Microsoft Defender Antimalware Platform and related products. CISA has mandated that federal agencies implement mitigation measures by June 3. AI
IMPACT This incident highlights ongoing cybersecurity risks for AI infrastructure and enterprise software, necessitating prompt patching to prevent breaches.
RANK_REASON Security update for a widely used software product addressing actively exploited vulnerabilities.
- CISA
- CVE-2026-41091
- CVE-2026-45498
- Microsoft
- Microsoft Defender
- Microsoft Malware Protection Engine
- Microsoft System Center Endpoint Protection
AI-generated summary · Google Gemini · from 1 sources. How we write summaries →
