Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Microsoft Defender BlueHammer (CVE-2026-33825) Patch Tuesday update

Security Patch Release
First reported
Last updated
Happening score
H score 45
1 unique sources, 2 articles

Summary

Hide ▲

Microsoft shipped a Patch Tuesday fix for CVE-2026-33825, a Microsoft Defender local-privilege-escalation flaw that can lead to SYSTEM access. The update narrows exposure on affected Windows 10, Windows 11, and Windows Server systems when Defender is enabled. It matters because a released exploit showed the issue was already actionable before the fix landed.

Cases

BlueHammer Windows privilege escalation and Microsoft remediation (4)

Related Happenings

Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498

Security Patch Release
First: 21.05.2026 10:49 Last: 21.05.2026 10:49 Sources 1

About this happening: Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...

Latest development: 21.05.2026 12:52

Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.

Open Happening

Azure Backup for AKS Trusted Access permission tightening

Security Patch Release
First: 16.05.2026 23:55 Last: 16.05.2026 23:55 Sources 1

About this happening: **Microsoft** appears to have silently tightened **Azure Backup for AKS**, closing a **Trusted Access** authorization path that could let a low-privileged role reach **cluster-adm...

Open Happening

Microsoft Edge stops loading saved passwords into cleartext memory at startup

Security Tool/Service
First: 15.05.2026 17:49 Last: 15.05.2026 17:49 Sources 1

About this happening: **Microsoft Edge** is changing its built-in password manager so **saved passwords** are no longer loaded into **process memory in clear text** at startup, reducing the risk of loc...

Open Happening

Microsoft May 2026 Patch Tuesday release

Security Patch Release
First: 13.05.2026 13:36 Last: 13.05.2026 13:36 Sources 1

About this happening: Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...

Open Happening

Microsoft security patch release for CVE-2026-41089

Security Patch Release
First: 13.05.2026 00:46 Last: 13.05.2026 00:46 Sources 1

About this happening: **Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...

Open Happening

Timeline

  1. 16.04.2026 23:19 2 articles · 1mo ago

    Microsoft ships Patch Tuesday fix for CVE-2026-33825

    Mitigation Patch Update

    Microsoft fixed CVE-2026-33825 as part of this month's Patch Tuesday security updates, closing a Microsoft Defender local privilege escalation flaw that could grant SYSTEM privileges on Windows 10, Windows 11, and Windows Server when Windows Defender is enabled.

    Show sources
    Open in new tab