Microsoft is issuing an emergency update for its Defender security software following confirmation from CISA that two zero-day vulnerabilities are actively being exploited. One vulnerability, CVE-2026-41091, allows for privilege escalation within the Microsoft Malware Protection Engine. The second, CVE-2026-45498, is a denial-of-service vulnerability affecting the Microsoft Defender Antimalware Platform and related products. CISA has mandated that federal agencies implement mitigation measures by June 3. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT This incident highlights ongoing cybersecurity risks for AI infrastructure and enterprise software, necessitating prompt patching to prevent breaches.
RANK_REASON Security update for a widely used software product addressing actively exploited vulnerabilities.
