What We Know: Microsoft rushed Defender fixes outside Patch Tuesday
Microsoft pushed emergency Defender fixes on May 21 after two zero-days, RedSun and UnDefend, were already being used in live attacks.
The out-of-band updates landed after Huntress confirmed real-world exploitation and after researcher Chaotic Eclipse publicly disclosed the flaws without coordinated disclosure, according to Notebookcheck. At first release, the bugs had no CVEs and no available fixes.
That sequence matters. These were not theoretical proof-of-concept bugs waiting for a future patch cycle. Attackers had working paths before Microsoft’s emergency update was available.
The more serious vulnerability is now tracked as CVE-2026-41091. It carries a CVSS score of 7.8 and affects the Microsoft Malware Protection Engine. The flaw stems from improper link resolution before file access, allowing a low-privileged attacker to manipulate a symbolic link or directory junction during a Defender scan and escalate to SYSTEM-level control.
No elevated starting permissions are required for that flaw, according to the source material. That raises the operational risk because an attacker who already has limited access could turn Defender’s own scan behavior into a privilege-escalation path.
The second bug, CVE-2026-45498, is rated CVSS 4.0 and targets the Microsoft Defender Antimalware Platform. It works as a denial-of-service against the protection engine, silently blocking definition updates and reducing Defender’s ability to catch newer threats.
That second issue affects System Center Endpoint Protection, System Center 2012 R2 and 2012 Endpoint Protection, Security Essentials, and standard Defender installations. Neither vulnerability triggers a visible alert to the user or administrator during exploitation, based on the supplied reporting.
Microsoft fixed both CVEs in Malware Protection Engine version 1.1.26040.8 and Antimalware Platform version 4.18.26040.7. The company delivers the fixes through Defender’s built-in update mechanism, but administrators still need to verify deployment, especially where updates are delayed by policy, isolation, or managed rollout controls.
Why It Matters: Defender itself became part of the attack surface
Security teams treat Microsoft Defender as a control plane inside Windows environments. These flaws cut directly into that assumption.
CVE-2026-41091 is the sharper concern because it can move a low-privileged attacker to SYSTEM-level control through file-system manipulation during a Defender scan. In practical terms, that turns a defensive workflow into a privilege-escalation opportunity.
CVE-2026-45498 hits a different part of the problem. Rather than grabbing higher privileges, it degrades protection by blocking definition updates. That creates a quieter risk: a machine may appear to have protection installed while its ability to detect newer threats weakens.
Huntress’ confirmation of active exploitation moves this from patch-management backlog to incident-response queue. Managed service providers, enterprise security teams, and Windows administrators need to assume some exposed systems may have been targeted before fixes were available.
There is also a timing problem. Microsoft’s normal Patch Tuesday cadence did not contain these updates. Out-of-band patches are reserved for issues that cannot comfortably wait, and here the reason is clear: public disclosure, no initial fixes, and confirmed exploitation.
The disclosure chain adds more pressure. RedSun and UnDefend are the fourth and fifth zero-days released by Chaotic Eclipse over the past six weeks, all targeting Windows security components. MiniPlasma, another disclosure in that series, remains unpatched and reportedly gives SYSTEM access on fully patched Windows 11 machines through the Cloud Filter driver.
Microsoft’s update for CVE-2026-41091 also addresses CVE-2026-45584, a heap-based buffer overflow with a CVSS score of 8.1 that allows remote code execution without user interaction. That third flaw has not been confirmed exploited in the wild.
Analysis: the clustering matters less because of the researcher drama and more because the targets are defensive components. When attackers aim at endpoint protection, patch status alone does not answer the full question. Security teams also need to know whether the control was bypassed, degraded, or abused before the update landed.
What Is Still Unclear: The attack details remain thin
What exactly did attackers do with RedSun and UnDefend? The available reporting confirms exploitation, but it does not provide a full victim profile, attacker attribution, infrastructure details, or a complete set of indicators of compromise.
Did every exposed Defender deployment face the same risk? Not necessarily. The source material identifies affected components and products, but administrators should rely on Microsoft’s advisory and their own tooling for precise version checks, configuration exposure, and remediation status.
Were attacks broad or targeted? The supplied material does not establish scale. Huntress confirmed real-world use, but the available details do not support claims about campaign size, sectors hit, geography, or financial impact.
Can organizations assume automatic updates solved the problem? They should not. Microsoft delivers the fixes automatically through Defender’s built-in update path, but air-gapped systems, managed environments, and delayed update rings can lag behind.
CISA added both vulnerabilities to its Known Exploited Vulnerabilities catalog on May 20, 2026. Federal Civilian Executive Branch agencies have until June 3 to confirm patching. That deadline gives enterprise teams outside the federal government a useful urgency marker, even if it is not their compliance requirement.
Analysis: the lack of visible alerts during exploitation is one of the most uncomfortable details. If abuse does not notify users or administrators, defenders cannot rely on obvious symptoms. They need version verification, telemetry review, and endpoint investigation where risk is highest.
What To Watch: Treat patching as the start of response
Administrators should first confirm that Malware Protection Engine version 1.1.26040.8 and Antimalware Platform version 4.18.26040.7, or newer, are deployed across Windows fleets. That check should include managed endpoints, servers, legacy Microsoft endpoint protection products, and systems that do not receive standard automatic updates.
Security teams should also review endpoint alerts and telemetry around Defender service behavior. The source material specifically points to silent update blocking and abuse during Defender scanning, so unusual protection-engine behavior, failed definition updates, tampering signals, or unexplained service degradation deserve quick escalation.
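The two checks described above, version verification and a review of Defender update-failure telemetry, as an added PowerShell example written for this page (not code from the article, Microsoft, or Huntress). It assumes the host runs Microsoft Defender Antivirus with the Defender PowerShell module available (Get-MpComputerStatus and the Microsoft-Windows-Windows Defender/Operational log), which is not the case for the legacy System Center Endpoint Protection or Security Essentials products named in the reporting; the fixed version numbers come from the article, the three event IDs are documented Defender Operational-log IDs, and the three-day signature-age threshold is an arbitrary assumption for illustration.

```powershell
# Added example (not from the article): confirm the Defender fix is deployed
# and surface signs of silent definition-update failure on one Windows host.
# Assumes Microsoft Defender Antivirus and its PowerShell module are present.

# Fixed versions named in the article for CVE-2026-41091 / CVE-2026-45498.
$FixedEngine   = [version]'1.1.26040.8'
$FixedPlatform = [version]'4.18.26040.7'

# Assumed threshold: signatures older than this are treated as suspicious.
$MaxSignatureAgeDays = 3

function ConvertTo-VersionOrNull([string]$Text) {
    # Some builds report an empty AMProductVersion; avoid a cast exception.
    if ([string]::IsNullOrWhiteSpace($Text)) { return $null }
    return [version]$Text
}

function Test-DefenderPatched {
    $status   = Get-MpComputerStatus
    $engine   = ConvertTo-VersionOrNull $status.AMEngineVersion
    $platform = ConvertTo-VersionOrNull $status.AMProductVersion
    $sigAge   = (New-TimeSpan -Start $status.AntivirusSignatureLastUpdated -End (Get-Date)).Days

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        EngineVersion    = $engine
        EnginePatched    = [bool]($engine -and $engine -ge $FixedEngine)
        PlatformVersion  = $platform
        PlatformPatched  = [bool]($platform -and $platform -ge $FixedPlatform)
        SignatureVersion = $status.AntivirusSignatureVersion
        SignatureAgeDays = $sigAge
        RealTimeEnabled  = $status.RealTimeProtectionEnabled
        TamperProtected  = $status.IsTamperProtected
    }
}

function Get-DefenderUpdateFailures {
    param([int]$Days = 7)
    # Defender Operational-log event IDs (documented, not from the article):
    #   2001 = security intelligence (definition) update failed
    #   2003 = engine update failed
    #   5001 = real-time protection disabled
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 2001, 2003, 5001
        StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}

# Run the checks and flag anything that needs escalation.
$result = Test-DefenderPatched
$result | Format-List

if (-not ($result.EnginePatched -and $result.PlatformPatched)) {
    Write-Warning "Engine/platform below the fixed versions; push the update and review the host."
}
if ($result.SignatureAgeDays -gt $MaxSignatureAgeDays) {
    Write-Warning "Signatures are $($result.SignatureAgeDays) days old; check for silent update blocking."
}
if (-not $result.RealTimeEnabled) {
    Write-Warning "Real-time protection is off; treat as a tampering signal until explained."
}

"Recent update failures / protection changes (last 7 days):"
Get-DefenderUpdateFailures | Format-Table -AutoSize
```

Run it locally or through Invoke-Command against a fleet and collect the returned objects centrally; a host whose versions are current but whose signatures are stale, or which logs repeated 2001 events, is the pattern the second flaw would produce and deserves the telemetry review the article calls for rather than a simple "patched" tick.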
The next useful disclosures would be indicators from Microsoft, Huntress, or other responders. Watch for any published IOCs, affected-version clarifications, exploitation timelines, or guidance on hunting for prior compromise.
Another watch item is MiniPlasma. The supplied reporting says it remains unpatched and belongs to the same recent series of Chaotic Eclipse disclosures targeting Windows security components. If more details emerge or Microsoft ships a fix, administrators will need to fold that into the same exposure review.
The core takeaway is narrow but urgent: Microsoft has patched RedSun and UnDefend, but these zero-days were exploited before fixes existed. For organizations running Defender at scale, installing the update closes the known holes. It does not answer whether attackers already used them.
Impact Analysis
- Attackers were exploiting both flaws before Microsoft released emergency fixes.
- The higher-severity bug could let a low-privileged attacker gain SYSTEM-level control.
- The update-blocking flaw could quietly reduce Defender’s ability to detect newer threats.