PT-2026-42157 · Microsoft · Defender
Acd421
+3
·
Published
2026-05-19
·
Updated
2026-07-09
·
CVE-2026-41091
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Microsoft Defender (affected versions not specified)
Description
Improper link resolution before file access, also known as link following, in the Microsoft Malware Protection Engine allows an authorized attacker to locally elevate privileges to SYSTEM level. Additionally, the Microsoft Defender Antimalware Platform contains an issue related to uncontrolled resource consumption that could allow an attacker to cause a denial of service. This flaw was actively exploited in real-world incidents before patches were released.
Recommendations
Update Microsoft Defender immediately.
Keep Windows fully patched.
Enable multi-factor authentication and the principle of least privilege.
Monitor for suspicious privilege escalation activity.
Exploit
Fix
LPE
DoS
Link Following
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Defender