Microsoft Defender Zero-Days Under Active Attack; CISA Mandates Patching by June 3
Microsoft has confirmed that two vulnerabilities in Microsoft Defender are being actively exploited in the wild. CISA has added both flaws to its Known Exploit…

On May 21, 2026, Microsoft confirmed that two vulnerabilities within Microsoft Defender—CVE-2026-41091 and CVE-2026-45498—are being actively exploited in the wild. CISA immediately added both to its Known Exploited Vulnerabilities (KEV) catalog, mandating that U.S. Federal Civilian Executive Branch (FCEB) agencies apply patches by June 3, 2026. This development shifts the status of these flaws from theoretical risks to an urgent operational priority for enterprise security teams worldwide.
The vulnerabilities target distinct components of the native Windows antivirus: one allows for local privilege escalation (LPE) to SYSTEM level, while the other can effectively disable the product via a denial-of-service (DoS) attack. Both flaws had been publicly disclosed in early April as proof-of-concept (PoC) code by a researcher known as Nightmare Eclipse.
- CVE-2026-41091 is an LPE flaw in the Malware Protection Engine with a CVSS score of 7.8; improper link resolution before file access allows a local user to gain SYSTEM privileges.
- CVE-2026-45498 is a DoS vulnerability (CVSS 4.0) in the Antimalware Platform that can render Microsoft Defender non-functional, stripping away a critical defensive layer.
- CISA added both to the KEV catalog on May 21, 2026, with a remediation deadline of June 3, 2026, a tight two-week window that signals high risk.
- Huntress observed attackers leveraging these flaws, identified as "RedSun" and "UnDefend," during incident response operations on compromised systems.
The Path from PoC to Active Exploitation
The progression of these vulnerabilities follows a recurring pattern in the modern threat landscape. The researcher Nightmare Eclipse (also known as Chaos Eclipse) published proof-of-concepts for three Defender vulnerabilities on April 3 and April 15, 2026: BlueHammer, RedSun, and UnDefend. The timeline is instructive: BlueHammer (CVE-2026-33825) was added to the KEV catalog in late April, credited to researchers Zen Dodd and Yuanpei Xu, while RedSun and UnDefend took roughly a month longer to move from public demonstration to confirmed active exploitation.
Several details of that transition remain unknown. It has not been established whether the flaws are being used by a single threat actor or across independent campaigns, and the initial access vectors that preceded the local escalation have not been disclosed. What Huntress did confirm is that it detected exploits for RedSun and UnDefend on compromised systems during recent incident response engagements. The lack of attribution does not diminish the severity: publicly available PoC code significantly lowers the barrier to exploitation.
Microsoft notably did not credit external researchers for the discovery of CVE-2026-45498. While not definitive, this suggests the flaw may have been discovered internally or identified through telemetry rather than traditional coordinated disclosure.
Technical Breakdown: LPE and DoS Targeting the Defender Core
CVE-2026-41091 resides in the Microsoft Malware Protection Engine, the core component responsible for file scanning and analysis. It is classified as an "improper link resolution before file access" (link following, CWE-59) vulnerability: an attacker with local access can plant a link so that a privileged file operation performed by the engine, which runs as SYSTEM, is redirected to a path the attacker controls, and that redirection is what ultimately yields SYSTEM privileges. While the CVSS score of 7.8 is "High," the context matters: SYSTEM on the endpoint is full control of the host, including the ability to tamper with a security product that, by design, runs at that privilege level.
CVE-2026-45498 targets the Microsoft Defender Antimalware Platform, the infrastructure coordinating definition updates, scan scheduling, and cloud service communication. This vulnerability triggers a denial-of-service condition. Although its CVSS score of 4.0 is formally "Medium," the operational impact is disproportionate. A disabled antivirus leaves an endpoint exposed to subsequent payloads, effectively turning a service availability flaw into a risk multiplier for the entire security posture.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges" — Microsoft advisory (via Help Net Security)
It remains unclear whether these flaws are being exploited in isolation or as part of an attack chain. A logical sequence, using the DoS to disarm Defender and then the LPE to establish persistence, is technically feasible but unconfirmed by current reports. Regardless, the existence of both exploits requires organizations to treat the security product itself as part of the attack surface rather than as an untouchable safeguard.
The CISA Mandate and Enterprise Pressure
The May 21 KEV listing and June 3 deadline legally bind U.S. federal agencies, but the signal to the private sector is equally clear. CISA rarely imposes such rapid deadlines for low-impact vulnerabilities. The two-week window reflects a risk assessment that, while not spelled out in public advisories, points to significant threat activity that enterprise asset owners cannot ignore.
Defender's update architecture slightly complicates the response. The Malware Protection Engine typically updates automatically alongside malware definitions, without a full OS patch cycle; the Antimalware Platform is updated on its own cadence, usually through Windows Update. The corrected engine version for CVE-2026-41091 is 1.1.26040.8. For CVE-2026-45498, the fix is included in Antimalware Platform version 4.18.26040.7, though the cited reports leave some ambiguity about the exact update path: the SecurityWeek report does not say whether platform version 4.18.26040.7 also carries the engine fix, a detail enterprise admins should verify through official Microsoft channels.
Microsoft emphasized that "the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Microsoft Malware Protection Engine are kept up to date automatically." This statement serves as both an assurance and a warning: enterprise environments with custom update policies, restrictive proxies, or legacy Windows Server versions may not receive these critical fixes within the standard timeframe.
Remediation and Verification Strategies
When a security product becomes the attack vector, it requires a shift in operational perspective. Administrators should not assume automatic updates have succeeded; they must verify them with the same rigor applied to critical OS patches.
- Verify Malware Protection Engine Version: Confirm that version 1.1.26040.8 or higher is active on all endpoints, particularly those with deferred or scheduled update policies.
- Check Antimalware Platform Version: Ensure version 4.18.26040.7 is deployed. Pay close attention to Windows Servers where platform updates may be managed independently of definition updates.
- Audit Systems with Defender Disabled: Microsoft confirmed that "systems with Microsoft Defender disabled are not exploitable, even though Defender's files remain on disk." However, unpatched binaries left on disk become exploitable again the moment Defender is reactivated, by policy change or otherwise, so such hosts still need the updated components.
- Review Automated Update Reliance: Environments involving proxies, network segmentation, or hardened configurations must establish independent verification channels for Defender components to ensure they aren't being blocked.
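The four checks above can be scripted with Defender's built-in cmdlets. The following PowerShell is an added example, not code from the cited reports or from Microsoft: it reads the engine and platform versions with Get-MpComputerStatus, compares them to the fixed builds named in this article (the only facts taken from the page), records whether Defender is actually enabled, and uses the signature age as a rough indicator of blocked updates. Function and variable names are this example's own.

```powershell
# Added example: verify Defender patch level for CVE-2026-41091 / CVE-2026-45498.
# Fixed versions are taken from the article; everything else is local naming.
# Run in an elevated PowerShell on the endpoint, or fan out with Invoke-Command.

function ConvertTo-SafeVersion {
    # Get-MpComputerStatus can return an empty string for a component that is
    # not present (e.g. passive/disabled mode); treat that as 0.0.0.0.
    param([string]$Text)
    if ([string]::IsNullOrWhiteSpace($Text)) { return [version]'0.0.0.0' }
    return [version]$Text
}

function Test-DefenderPatchLevel {
    [CmdletBinding()]
    param(
        # Malware Protection Engine build that fixes CVE-2026-41091 (from the article)
        [version]$MinEngine   = '1.1.26040.8',
        # Antimalware Platform build that fixes CVE-2026-45498 (from the article)
        [version]$MinPlatform = '4.18.26040.7',
        # Signature age (days) above which we assume the update channel is blocked
        [int]$MaxSignatureAgeDays = 3
    )

    # AMEngineVersion  = Malware Protection Engine
    # AMProductVersion = Antimalware Platform
    $status = Get-MpComputerStatus -ErrorAction Stop

    $engine   = ConvertTo-SafeVersion $status.AMEngineVersion
    $platform = ConvertTo-SafeVersion $status.AMProductVersion
    $enabled  = [bool]$status.AntivirusEnabled -and [bool]$status.AMServiceEnabled

    $findings = @()
    if ($engine   -lt $MinEngine)   { $findings += "engine $engine below $MinEngine (CVE-2026-41091 unpatched)" }
    if ($platform -lt $MinPlatform) { $findings += "platform $platform below $MinPlatform (CVE-2026-45498 unpatched)" }
    if (-not $enabled) {
        # Not exploitable while disabled, but the stale binaries are still on disk.
        $findings += "Defender disabled; unpatched components remain a reactivation risk"
    }
    if ($status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        # Old signatures on an "auto-update" host usually mean a proxy or policy is blocking the feed.
        $findings += "signatures are $($status.AntivirusSignatureAge) days old; update channel may be blocked"
    }

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        DefenderEnabled  = $enabled
        EngineVersion    = $engine
        PlatformVersion  = $platform
        SignatureVersion = $status.AntivirusSignatureVersion
        SignatureAgeDays = $status.AntivirusSignatureAge
        Compliant        = ($engine -ge $MinEngine) -and ($platform -ge $MinPlatform)
        Findings         = ($findings -join '; ')
    }
}

# Local run. If the engine is behind, Update-MpSignature pulls the engine along
# with the definitions; it will NOT raise the platform version, which ships
# separately (normally via Windows Update / WSUS).
$result = Test-DefenderPatchLevel
$result | Format-List

if ($result.DefenderEnabled -and -not $result.Compliant) {
    Update-MpSignature -ErrorAction Continue
    Test-DefenderPatchLevel | Select-Object EngineVersion, PlatformVersion, Compliant, Findings
}

# Fleet collection (hosts.txt is an assumed input file):
#   Invoke-Command -ComputerName (Get-Content .\hosts.txt) -ScriptBlock ${function:Test-DefenderPatchLevel} |
#       Where-Object { -not $_.Compliant } | Export-Csv .\defender-noncompliant.csv -NoTypeInformation
```

Because the function's defaults are literals rather than script-scope variables, the same function body can be shipped through Invoke-Command unchanged. The signature-age threshold is an assumption for illustration; tune it to the environment's update cadence.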
While the June 3 deadline is a regulatory requirement only for the federal sector, private enterprises should treat it as the benchmark for a timely response: in the event of a breach, missing a publicly known remediation date is difficult to defend.
The Guardian’s Dilemma
This technical analysis highlights a structural paradox in modern endpoint security. Microsoft Defender is designed to operate with maximum privileges, scan every file, and intercept every process. This total visibility is necessary for its function, but it also makes it a high-value target. CVE-2026-41091 and CVE-2026-45498 are not peripheral bugs; they strike the scanning engine and the coordination platform—the vital organs of the defense system.
The fact that PoCs published in early April transitioned to confirmed exploitation in under six weeks reinforces a systematic trend: the window between disclosure and active threat is collapsing. For organizations that rely on a single integrated vendor for endpoint defense, redundancy is no longer an architectural luxury but a necessity—not to replace Defender, but to survive moments when the protector itself is compromised.
June 3, 2026, will arrive quickly. The true measure of an organization's response will not just be whether the patch was applied, but whether they have adopted the necessary operational skepticism toward software running with SYSTEM privileges.
FAQ
Is it necessary to uninstall Microsoft Defender to mitigate this risk?
No. Microsoft has confirmed that systems with Defender disabled are not exploitable, but disabling or removing it is neither required nor recommended, because running without endpoint protection is a far larger risk. The correct mitigation is to verify that the engine and platform have been updated to the patched versions.
Why is the DoS vulnerability considered urgent if it has a lower CVSS score than the LPE?
The CVSS score measures the technical severity of a single flaw, not its contextual operational impact. A DoS attack that neutralizes the primary antivirus allows for the subsequent deployment of any malware, effectively transforming a "Medium" vulnerability into a critical risk for the entire system.
How can I verify if Defender's automatic updates are actually working?
In enterprise environments, the Microsoft Defender Antivirus reporting in your endpoint management tooling (Intune, Configuration Manager) should show versions at or above 1.1.26040.8 for the engine and 4.18.26040.7 for the platform; on an individual host, Get-MpComputerStatus reports the same values as AMEngineVersion and AMProductVersion. Simply having "automatic updates enabled" does not guarantee that the binaries have successfully updated, especially in complex networks with proxies or rate limiting.
Sources
- https://www.helpnetsecurity.com/2026/05/21/microsoft-defender-vulnerabilities-cve-2026-41091-cve-2026-45498/
- https://www.securityweek.com/microsoft-patches-exploited-undefend-and-redsun-defender-zero-days/
Information verified against cited sources and current as of publication.