Morning Overview

Microsoft is racing to patch two Defender zero-days that attackers have used to escalate privileges, the irony being that the flaws sit inside Windows’ own antivirus

Two zero-day flaws in Microsoft Defender, the antivirus engine built into every Windows installation, are already being exploited by attackers to gain elevated privileges on target systems. Both CVE-2026-45498 and CVE-2026-41091 now sit in the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities catalog, which compels federal agencies to treat the bugs as active threats requiring immediate remediation. The fact that the vulnerabilities live inside the very software designed to stop intrusions turns the normal patch cycle into something closer to a paradox: the security guard is the unlocked door.

Two Defender flaws in the CISA catalog and what that triggers

Windows Defender runs with SYSTEM-level privileges on hundreds of millions of machines. That access is by design; an antivirus engine needs deep hooks into the operating system to scan files, inspect memory, and quarantine threats in real time. But the same elevated permissions that make Defender effective also make it a high-value target. When a flaw in a component that already runs as SYSTEM can be triggered from an ordinary user account, that one bug is the escalation step: attackers do not need to chain a separate elevation exploit and can move from initial access to full control of the host in fewer steps.

CVE-2026-45498 is formally classified as a Defender denial-of-service vulnerability in the National Vulnerability Database. The NVD entry, available through the official CVE record, links directly to Microsoft’s own vendor advisory and flags the CVE as present in CISA’s Known Exploited Vulnerabilities list, meaning real-world exploitation has been confirmed, not merely theorized. That catalog listing carries a binding operational directive for civilian federal agencies: they must apply the vendor fix or implement an approved mitigation within the timeline CISA sets, typically within days or weeks of inclusion.

The second flaw, CVE-2026-41091, has a separate entry in the catalog, and its CVE record carries both a Microsoft CNA container and a CISA-ADP enrichment container. Its presence in the catalog confirms active exploitation as well, though the public record does not yet name the threat actors involved or quantify the number of compromised systems. The pairing of a Microsoft-assigned CVE with an accelerated CISA remediation deadline underscores that both the vendor and the government see the bug as more than a theoretical weakness.

For organizations outside the federal government, the catalog has no legal force, but it functions as a strong signal. Security teams at private companies, hospitals, and school districts routinely use the KEV list as a priority filter for their own patch management. Two Defender entries appearing close together amplifies the urgency because it suggests attackers are probing the antivirus stack systematically rather than stumbling onto a single bug. In practice, many incident response teams now treat any Defender-related CVE in the KEV catalog as an automatic high-priority ticket.

What NVD and CISA records reveal about the exploit path

The National Vulnerability Database, maintained by the Information Technology Laboratory at the National Institute of Standards and Technology, serves as the authoritative scoring and tracking system for CVEs across the U.S. government. Its entry for CVE-2026-45498 categorizes the bug as denial of service, which at first glance sounds less alarming than remote code execution. Yet a denial-of-service condition in a security product can be weaponized in ways that go beyond a simple crash. If an attacker can reliably disable Defender on a target machine, every subsequent payload lands on an unprotected system. That sequence, disabling the guard before delivering the real attack, is a well-documented defense-evasion pattern, and it raises the impact of the bug even though the CVE itself is not labeled as an escalation flaw.

CVE-2026-41091 carries a Microsoft CNA designation alongside a CISA-ADP container in its CVE record. The CNA tag means Microsoft itself assigned the CVE identifier and acknowledged the flaw, while the CISA-ADP container (CISA acting as an Authorized Data Publisher for the CVE Program) holds the agency’s own enrichment of the record, such as its KEV status and assessment. Together, the two records paint a picture of coordinated but still incomplete disclosure: Microsoft has acknowledged both bugs, CISA has flagged both as actively exploited, but neither organization has published technical details about the exploitation chains or the groups behind them. That restraint is typical while patches are still propagating, but it leaves defenders with fewer clues about how attackers are operating.

That information gap matters. Without proof-of-concept details or indicators of compromise, defenders are left patching blind. They know the door is open but not which rooms the intruders have already entered. Threat intelligence vendors may eventually fill that gap, but the official government record, as of the current catalog entries, stops at confirming exploitation without attribution or volume data. Security teams are therefore forced to infer likely attack paths based on the component affected, the privilege level Defender enjoys, and the history of how similar flaws have been abused in the past.

The broader context comes from the way the National Vulnerability Database is curated inside NIST’s information technology program. NVD entries emphasize standardized scoring, affected products, and links to vendor advisories, not operational threat intelligence. CISA’s KEV catalog, for its part, is designed to drive remediation deadlines rather than provide step-by-step attack descriptions. The result is a split view: defenders get a clear message that they must act, but very little detail on how urgently they should hunt for signs of compromise in their existing logs.
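The gap the last two sections describe, a confirmed-exploited bug but no indicators of compromise, leaves defenders with the one thing they can still check: whether Defender on a given host was stopped, reconfigured, or crashed before anything else happened. The script below is an added example, not code from the article, Microsoft, or CISA. It reads the Defender operational log for Microsoft’s documented protection-state event IDs and the System log for Service Control Manager “terminated unexpectedly” events, which is where a denial-of-service condition in the engine would surface. The WinDefend crash match on the service display name is a heuristic, not a signature for either CVE; the lookback window is an assumed default.

```powershell
# Added example (not from the article, Microsoft or CISA): hunt local event logs
# for the "disable the guard, then deliver the payload" sequence. Run elevated.
# Assumptions: a 72-hour lookback; the WinDefend crash match is a heuristic on the
# service display name and is not specific to CVE-2026-45498 or CVE-2026-41091.

$LookbackHours = 72
$Since = (Get-Date).AddHours(-$LookbackHours)

# Defender operational events that mean protection was reduced, tampered with,
# or that something was caught (Microsoft-documented IDs for this provider).
$DefenderEventIds = @{
    5001 = 'Real-time protection disabled'
    5010 = 'Malware/PUA scanning disabled'
    5012 = 'Virus scanning disabled'
    5007 = 'Defender configuration changed'
    5013 = 'Tamper Protection blocked a change'
    1116 = 'Malware detected'
}

function Get-DefenderTamperEvents {
    param([datetime]$StartTime)
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = @(5001, 5010, 5012, 5007, 5013, 1116)
        StartTime = $StartTime
    }
    # -ErrorAction SilentlyContinue: Get-WinEvent throws when no events match.
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Source  = 'Defender'
                Id      = $_.Id
                Meaning = $DefenderEventIds[$_.Id]
                Detail  = ($_.Message -split "`r?`n")[0]   # first line of the message text
            }
        }
}

function Get-DefenderServiceCrashes {
    param([datetime]$StartTime)
    # 7031 / 7034 = "service terminated unexpectedly" from the Service Control Manager.
    # Repeated hits for the Defender service are what an engine DoS would look like.
    $filter = @{
        LogName      = 'System'
        ProviderName = 'Service Control Manager'
        Id           = @(7031, 7034)
        StartTime    = $StartTime
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'Defender|Antimalware|WinDefend' } |   # heuristic match
        ForEach-Object {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Source  = 'SCM'
                Id      = $_.Id
                Meaning = 'Defender service terminated unexpectedly'
                Detail  = ($_.Message -split "`r?`n")[0]
            }
        }
}

$timeline = @(Get-DefenderTamperEvents -StartTime $Since) +
            @(Get-DefenderServiceCrashes -StartTime $Since) |
            Sort-Object Time

$timeline | Format-Table Time, Source, Id, Meaning -AutoSize

# Triage rule: a protection-off or crash event that is later followed by a
# detection (1116) or further config change (5007) is the ordering to escalate,
# because it matches the evasion-then-payload sequence rather than routine admin.
$gapStart = $timeline | Where-Object { $_.Id -in 5001, 5010, 5012, 7031, 7034 } | Select-Object -First 1
if ($gapStart) {
    $after = $timeline | Where-Object { $_.Time -gt $gapStart.Time -and $_.Id -in 1116, 5007 }
    if ($after) {
        Write-Warning ("Protection gap at {0} ({1}) followed by {2} later event(s); escalate for IR review." -f
            $gapStart.Time, $gapStart.Meaning, @($after).Count)
    } else {
        Write-Warning ("Protection gap at {0} ({1}); no follow-on events in window." -f $gapStart.Time, $gapStart.Meaning)
    }
} else {
    Write-Host "No Defender tamper or crash events in the last $LookbackHours hours."
}
```

On a fleet this is better run centrally against forwarded logs, but the event IDs and the ordering rule are the same; Tamper Protection (event 5013) only records blocked attempts, so an environment without it will see 5001/5010/5012 directly instead.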

Open questions for Defender patch timelines and enterprise risk

Several threads remain unresolved. Microsoft’s vendor advisories, referenced in the NVD entries, are not reproduced in the NIST or CISA records themselves. That means the exact patch availability dates, affected Defender engine versions, and any recommended workarounds are visible only through Microsoft’s own security update portal. Organizations that rely solely on NVD or CISA feeds for triage may not realize a fix is already available, or conversely, may assume one exists when it does not. In fast-moving exploitation scenarios, that mismatch of expectations can translate directly into additional dwell time for attackers.

The CISA catalog entries list required remediation deadlines for federal agencies but contain no attacker attribution or observed attack volume drawn from government telemetry. Without that data, it is difficult to assess whether these exploits are being used in targeted operations against specific sectors or in broad, opportunistic campaigns. The distinction changes the risk calculus for enterprises: a bug leveraged only in highly targeted intrusions might prompt focused monitoring, while one used in mass exploitation requires rapid, organization-wide response and potentially emergency downtime to accelerate patching.

Another unknown is how these Defender flaws fit into larger intrusion chains. On their own, denial-of-service or local privilege issues in security tools are dangerous but not necessarily catastrophic. They become far more serious when paired with initial access vectors such as phishing, malicious documents, or web-facing application bugs. If attackers are already bundling the Defender exploits with other CVEs in turnkey toolkits, organizations could see a wave of incidents in which endpoint security simply vanishes at the moment it is needed most.

For now, the practical guidance is straightforward even if the intelligence picture is not. Security teams should verify which Defender platform and engine versions they are running, cross-check those builds against Microsoft’s advisories for CVE-2026-45498 and CVE-2026-41091, and prioritize any required updates ahead of the routine patch backlog. Where immediate patching is impossible, because of change-freeze windows, legacy systems, or operational constraints, compensating controls such as application allowlisting, enhanced logging, and temporary deployment of a secondary endpoint security tool can help reduce exposure. One caveat on that last option: registering a third-party real-time antivirus normally puts Defender into passive mode, so it is a substitution rather than an extra layer, and the replacement has to be fully deployed before it counts as coverage.
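The verification step above, together with the earlier point that non-federal teams use the KEV catalog as a priority filter, reduces to a short triage script. What follows is an added example and not code from the article, Microsoft, or CISA. It pulls the two Defender entries from CISA’s KEV JSON feed (falling back to a constructed sample in the feed’s schema when offline; the dates in that sample are placeholders), reads the local Defender build with Get-MpComputerStatus, and compares it with the fixed versions from Microsoft’s advisories. Those fixed versions are not stated on this page, so the script carries placeholder values that must be replaced before the comparison means anything.

```powershell
# Added example (not from the article, Microsoft or CISA). Run elevated on a host
# with the Defender PowerShell module. Assumptions: the live KEV feed is used when
# reachable, otherwise the constructed sample below; $FixedPlatform/$FixedEngine
# are PLACEHOLDERS to be replaced with the values in Microsoft's advisories.

$KevUrl    = 'https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json'
$WatchCves = @('CVE-2026-45498', 'CVE-2026-41091')

# Constructed sample in the KEV feed's schema. Dates are placeholders, not the
# catalog's real values; use the live feed for those.
$SampleKev = @'
{ "vulnerabilities": [
  { "cveID": "CVE-2026-45498", "vendorProject": "Microsoft", "product": "Windows Defender",
    "dateAdded": "2026-01-01", "dueDate": "2026-01-22", "knownRansomwareCampaignUse": "Unknown" },
  { "cveID": "CVE-2026-41091", "vendorProject": "Microsoft", "product": "Windows Defender",
    "dateAdded": "2026-01-01", "dueDate": "2026-01-22", "knownRansomwareCampaignUse": "Unknown" }
] }
'@

# PLACEHOLDERS: replace with the fixed platform/engine versions from the advisories.
$FixedPlatform = [version]'0.0.0.0'
$FixedEngine   = [version]'0.0.0.0'

function Get-KevEntries {
    param([string[]]$CveIds, [string]$Json)
    if (-not $Json) {
        try   { $Json = (Invoke-WebRequest -Uri $KevUrl -UseBasicParsing).Content }
        catch { Write-Warning 'KEV feed unreachable; using embedded placeholder sample'; $Json = $SampleKev }
    }
    ($Json | ConvertFrom-Json).vulnerabilities | Where-Object { $CveIds -contains $_.cveID }
}

function Get-DefenderBuild {
    # AMProductVersion = antimalware platform (the service), AMEngineVersion = scan engine.
    $s = Get-MpComputerStatus
    [pscustomobject]@{
        Platform   = [version]$s.AMProductVersion
        Engine     = [version]$s.AMEngineVersion
        Signatures = [version]$s.AntivirusSignatureVersion
        Mode       = $s.AMRunningMode            # e.g. Normal, Passive Mode, EDR Block Mode
        RtpOn      = [bool]$s.RealTimeProtectionEnabled
    }
}

function Test-DefenderExposure {
    param($Build, [version]$MinPlatform, [version]$MinEngine)
    $findings = @()
    if ($Build.Platform -lt $MinPlatform) { $findings += "platform $($Build.Platform) is below required $MinPlatform" }
    if ($Build.Engine   -lt $MinEngine)   { $findings += "engine $($Build.Engine) is below required $MinEngine" }
    if ($Build.Mode -ne 'Normal')         { $findings += "Defender running mode is '$($Build.Mode)', not Normal" }
    if (-not $Build.RtpOn)                { $findings += 'real-time protection is off' }
    return $findings
}

# 1. KEV triage: what is due, and when.
foreach ($e in Get-KevEntries -CveIds $WatchCves) {
    $daysLeft = ([datetime]$e.dueDate - (Get-Date).Date).Days
    Write-Host ('{0}: {1} {2}; KEV due {3} ({4} days left); ransomware use: {5}' -f
        $e.cveID, $e.vendorProject, $e.product, $e.dueDate, $daysLeft, $e.knownRansomwareCampaignUse)
}

# 2. Local build check against the advisory minimums.
$build = Get-DefenderBuild
Write-Host ('Local Defender: platform {0}, engine {1}, signatures {2}, mode {3}' -f
    $build.Platform, $build.Engine, $build.Signatures, $build.Mode)

$findings = Test-DefenderExposure -Build $build -MinPlatform $FixedPlatform -MinEngine $FixedEngine
if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else           { Write-Host 'Defender build meets the configured minimums and is actively protecting.' }
```

With the placeholder minimums left at 0.0.0.0 the version checks cannot fire; only the running-mode and real-time-protection checks are meaningful until the advisory values are filled in. Defender platform and engine updates arrive through the Windows Update channel rather than signature updates, so a host can have current signatures and still be on an old engine.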

Longer term, the Defender flaws highlight a structural tension in modern security architecture. As more defensive capabilities move into kernel-level agents and always-on monitoring services, the blast radius of a single bug in those components grows. Organizations may need to revisit assumptions about running a single, deeply privileged security stack and consider layered approaches that can survive the temporary loss of any one tool. Until vendors and agencies can provide more complete technical detail, treating antivirus engines as both essential safeguards and potential single points of failure will be a necessary, if uncomfortable, part of enterprise risk management.


*This article was researched with the help of AI, with human editors creating the final content.