Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498

Security Patch Release
First reported
Last updated
Happening score
H score 44
3 unique sources, 3 articles

Summary

Hide ▲

Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected Microsoft Malware Protection Engine and Microsoft Defender Antimalware Platform versions reported in the disclosures. Both vulnerabilities were described as exploited in the wild. CVE-2026-41091 is a local privilege-escalation flaw, while CVE-2026-45498 is a denial-of-service issue. CISA added both to its Known Exploited Vulnerabilities catalog and urged federal agencies to patch by June 3.

Related Happenings

Citrix security patch release for CVE-2026-13474

Security Patch Release
H score35 First: 01.07.2026 06:54 Last: 01.07.2026 06:54 Sources 1

About this happening: **Citrix** released security updates for **NetScaler ADC** and **NetScaler Gateway** to fix **six vulnerabilities** that could enable **arbitrary file reads** or **denial of servi...

Microsoft Defender BlueHammer (CVE-2026-33825) ransomware exploitation wave

Exploitation Wave
H score41 First: 30.06.2026 11:53 Last: 30.06.2026 11:53 Sources 1

About this happening: CISA has flagged **BlueHammer (CVE-2026-33825)** as exploited in **ransomware campaigns**, expanding the risk to **Windows devices** exposed to privilege escalation. The flaw in *...

Linux kernel maintainers security patch release for CVE-2026-43503

Security Patch Release
H score34 First: 26.06.2026 14:51 Last: 26.06.2026 14:51 Sources 1

About this happening: **Linux kernel** merged and shipped the **DirtyClone** security fix for **CVE-2026-43503**, closing a **CVSS 8.8** local privilege-escalation path that could let affected systems...

Microsoft releases RoguePlanet Defender security update for CVE-2026-50656

Security Patch Release
H score32 First: 17.06.2026 20:36 Last: 17.06.2026 20:36 Sources 1

About this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...

Latest development: 09.07.2026 11:48

Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.

Microsoft security patch release for CVE-2026-42824

Security Patch Release
H score30 First: 15.06.2026 16:00 Last: 15.06.2026 16:00 Sources 1

About this happening: Microsoft's **fix for SearchLeak** in **Microsoft 365 Copilot Enterprise** closed a **critical** flaw tied to **CVE-2026-42824** that could expose **mailbox, OneDrive, and SharePo...

Timeline

  1. 21.05.2026 12:52 3 articles · 1mo ago

    Microsoft patches exploited Defender zero-days and CISA adds them to KEV

    Initial Disclosure

    Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.

    Show sources
  2. 21.05.2026 10:49 2 articles · 1mo ago

    Microsoft rolls out patches for exploited Defender zero-days

    Mitigation Patch Update

    Microsoft started rolling out fixes for CVE-2026-41091 in Microsoft Malware Protection Engine 1.1.26030.3008 and earlier and CVE-2026-45498 in Microsoft Defender Antimalware Platform 4.18.26030.3011 and earlier after zero-day exploitation affected unpatched Windows devices; CISA also added both vulnerabilities to the KEV Catalog and ordered Federal Civilian Executive Branch agencies to secure Windows endpoints and servers within two weeks, by June 3, under Binding Operational Directive (BOD) 22-01.

    Show sources