3 matches found
Security Update for Windows Defender (May 2026) (CVE-2026-41091)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to 1.1.26040.8. It is, therefore, affected by a privilege escalation vulnerability: - Improper link resolution before file access 'link following' in Microsoft Defender allows an...
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091 , is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM...
PT-2021-1546
Name of the Vulnerable Software and Affected Versions Microsoft Defender versions prior to the fixed version Description The issue is related to insufficient input validation in the mpengine.dll library of Microsoft Defender, allowing a remote attacker to execute arbitrary code using a specially...