{"id":251441,"date":"2026-05-21T03:49:00","date_gmt":"2026-05-21T07:49:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/21\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/"},"modified":"2026-05-21T10:45:18","modified_gmt":"2026-05-21T14:45:18","slug":"microsoft-warns-of-new-defender-zero-days-exploited-in-attacks","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/21\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/","title":{"rendered":"Microsoft warns of new Defender zero-days exploited in attacks"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/\">Microsoft warns of new Defender zero-days exploited in attacks<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-21 03:49:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks.<\/p>\n<p>The first one, tracked as CVE-2026-41091, is a privilege escalation security flaw affecting Microsoft Malware Protection Engine 1.1.26030.3008 and earlier, which provides the scanning, detection, and cleaning capabilities for Microsoft antivirus and antispyware software.<\/p>\n<p>This flaw stems from an improper link resolution before file access (link following) weakness, which allows attackers to gain SYSTEM privileges.<\/p>\n<p>A second vulnerability (CVE-2026-45498) affects systems running the Microsoft Defender Antimalware Platform 4.18.26030.3011 and earlier, a collection of security tools also used by Microsoft&#8217;s System Center Endpoint Protection, System Center 2012 R2 Endpoint Protection, System Center 2012 Endpoint Protection, and Security Essentials.<\/p>\n<p>According to Microsoft, successful exploitation enables threat actors to trigger denial-of-service (DoS) states on unpatched Windows devices.<\/p>\n<p>Microsoft has released Malware Protection Engine versions 1.1.26040.8 and 4.18.26040.7, respectively, to address the two security flaws, and added that customers shouldn&#8217;t have to take any action to secure their systems because &#8220;the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up to date automatically.&#8221;<\/p>\n<p>However, users should still check whether Windows Defender Antimalware Platform updates and malware definitions are configured to install automatically and verify if the update was installed by going through the following steps:<\/p>\n<ol>\n<li>Open the Windows Security program. For example, type &#8220;Security&#8221; in the Search bar, then select the Windows Security program.<\/li>\n<li>In the navigation pane, select Virus &#038; threat protection.<\/li>\n<li>Then click <strong>Protection Updates<\/strong> in the Virus &#038; threat protection section.<\/li>\n<li>Select <strong>Check for updates<\/strong>.<\/li>\n<li>In the navigation&#8230;<\/li>\n<\/ol>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft warns of new Defender zero-days exploited in attacks https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/ Publish Date: 2026-05-21 03:49:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":251442,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2023\/10\/11\/Microsoft-Defender_for_Endpoint.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[32,27],"class_list":["post-251441","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-malware","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/251441"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=251441"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/251441\/revisions"}],"predecessor-version":[{"id":251443,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/251441\/revisions\/251443"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/251442"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=251441"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=251441"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=251441"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}