Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft CVD response for Windows Defender and BitLocker

Advisory/Mitigation
First reported
Last updated
Happening score
H score 47
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft is urging Coordinated Vulnerability Disclosure (CVD) and says it is developing security updates for Windows components including Defender and BitLocker after multiple zero-days were publicly disclosed. The response is aimed at reducing unnecessary risk for customers while Microsoft assesses impact and hardens affected systems. The company warned that releasing proof-of-concept details for unpatched vulnerabilities can create real-world consequences. The advisory posture is tied to active mitigation work and vendor coordination around the disclosed flaws.

Related Happenings

Microsoft Quantum Safe Program PQC transition

Advisory/Mitigation
H score25 First: 01.07.2026 00:20 Last: 01.07.2026 00:20 Sources 1

About this happening: **Microsoft** is **accelerating** its **Quantum Safe Program** to move **critical products and services** to **post-quantum cryptography (PQC)** by **2029**, tightening the organi...

Microsoft hit by cyberattack

Incident
H score68 First: 09.06.2026 18:42 Last: 09.06.2026 18:42 Sources 1

About this happening: A **Microsoft** GitHub repository removal incident in **June 2026** disrupted **continuous integration pipelines** and briefly broke **Azure/functions-action** workflows used by d...

Microsoft SharePoint remote code execution (CVE-2026-45659)

Vulnerability
H score17 First: 26.05.2026 14:49 Last: 26.05.2026 14:49 Sources 1

About this happening: **Microsoft SharePoint** **CVE-2026-45659** is a **remote code execution** vulnerability that lets an **authenticated attacker** with **Site Member** permissions run code over the...

Microsoft security patch release for CVE-2026-45659

Security Patch Release
H score23 First: 26.05.2026 14:49 Last: 26.05.2026 14:49 Sources 1

About this happening: Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...

Microsoft Defender zero-days exploited in attacks (multiple vulnerabilities)

Vulnerability
H score39 First: 21.05.2026 10:49 Last: 21.05.2026 10:49 Sources 1

How related: Following disclosure, BlueHammer, RedSun, and UnDefend have all come under active exploitation in the wild.

About this happening: Microsoft began rolling out fixes for **CVE-2026-41091** and **CVE-2026-45498**, two **actively exploited zero-days** in **Microsoft Defender** components that affect unpatched Wi...

Timeline

  1. 28.05.2026 16:53 2 articles · 1mo ago

    Microsoft urges Coordinated Vulnerability Disclosure after Windows zero-day disclosures

    Mitigation Patch Update

    Microsoft urged researchers to use Coordinated Vulnerability Disclosure after multiple zero-day vulnerabilities affecting Windows components including Defender and BitLocker were publicly disclosed without prior vendor coordination. The company said the disclosures put customers at unnecessary risk and that its security teams are working around the clock to understand the impact, protect customers, and develop security updates; BlueHammer (CVE-2026-33825), RedSun (CVE-2026-41091), and UnDefend (CVE-2026-45498) are now under active exploitation in the wild.

    Show sources