New Microsoft Defender 0‑Days Actively Exploited in the Wild

Two newly disclosed Microsoft Defender vulnerabilities are being actively exploited in the wild, enabling local attackers to elevate privileges to SYSTEM and potentially disrupt endpoint protection across Windows environments. The bugs, tracked as CVE‑2026‑41091 (Elevation of Privilege) and CVE‑2026‑45498 (Denial of Service), were published on May 19, 2026, and affect core Microsoft Defender components used […] The post New Microsoft Defender 0‑Days Actively Exploited in the Wild appeared first on Cyber Security News.