Introduction

In a significant update to the threat landscape, the Cybersecurity and Infrastructure Security Agency (CISA) added a new zero-day vulnerability in Microsoft Defender to its Known Exploited Vulnerabilities (KEV) Catalog this week. Identified as CVE-2026-41091, this high-severity flaw represents a critical risk because it targets the very security software designed to protect Windows environments. When a security tool itself becomes a vector for exploitation, it grants attackers a unique opportunity to bypass detection and entrench themselves within a system.

CVE-2026-41091 is a local privilege escalation (LPE) vulnerability that has been confirmed by Microsoft and CISA as being actively exploited in the wild. While it requires an attacker to have an initial foothold on the target machine, the ability to escalate from a low-privilege user to SYSTEM privileges is a vital step in modern ransomware and data exfiltration campaigns.

Technical Details: The “Link Following” Flaw

The technical root cause of CVE-2026-41091 is classified as CWE-59: Improper Link Resolution Before File Access, commonly referred to as a “link following” vulnerability. The flaw exists within the Microsoft Malware Protection Engine (MMPE), the core component responsible for scanning and analyzing files across various Microsoft security products.

The vulnerability arises when the scanning engine attempts to access a file without properly validating whether that file is a symbolic link (symlink) pointing to a different, protected location. A low-privilege attacker can create a malicious symbolic link that redirects Defender’s high-privilege scan process toward sensitive system files, such as the Security Account Manager (SAM) hive or critical configuration files. Because the Malware Protection Engine runs with SYSTEM-level permissions, it can be tricked into “following” the link and performing actions on files that the user should not normally be able to access. In practice, this allows the attacker to gain full control over the operating system, reset passwords, or disable security features entirely.

Affected Systems and Severity

The scope of this vulnerability is broad, affecting any Windows system using the Microsoft Malware Protection Engine versions 1.1.26030.3008 and earlier. This includes:

  • Microsoft Defender Antivirus (on Windows 10, 11, and Windows Server)
  • Microsoft System Center Endpoint Protection
  • Microsoft Security Essentials

With a CVSS score of 7.8 (High), the vulnerability is particularly dangerous because of its role in the “kill chain.” While it is not a remote code execution (RCE) bug that allows an attacker to break into a network from the outside, it is the perfect “second stage” exploit. Once an attacker gains access via a phishing email or a different web vulnerability, they use CVE-2026-41091 to take over the local machine, move laterally through the network, and eventually compromise the entire domain.

Mitigation and Patching

Microsoft has released a fix for this vulnerability in Microsoft Malware Protection Engine version 1.1.26040.8. Fortunately, for most users and enterprises, Microsoft’s security products are configured to update their engines and definitions automatically. However, given the active exploitation of this zero-day, security teams should not rely on “hope as a strategy.”

How to Verify Your Protection

Administrators can verify if their systems are protected by checking the version of the Malware Protection Engine. This can be done via PowerShell with the following command:

Get-MpComputerStatus | select AMEngineVersion

Ensure the version listed is 1.1.26040.8 or higher. If your systems are lagging behind, initiate a manual update through Windows Update or the “Check for updates” button within the Windows Security app.
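As an added example (not part of the original post), the check above carried out as a proper version comparison rather than a string match, locally and across a set of placeholder hosts reachable over WinRM; the only non-placeholder value is the fixed build 1.1.26040.8 named in the article.

```powershell
# Added example, not from the original post. The fixed engine build is the
# 1.1.26040.8 named in the article; host names below are placeholders.
$FixedEngine = [version]'1.1.26040.8'

function Test-MpEnginePatched {
    # Compare an AMEngineVersion string against the fixed build as [version]
    # objects. Comparing the raw strings gets this wrong whenever the last
    # field differs in length: the constructed build "1.1.26040.10" sorts
    # below "1.1.26040.8" as text but is the newer version.
    param(
        [Parameter(Mandatory)] [string] $AMEngineVersion,
        [version] $Fixed = $FixedEngine
    )
    $installed = [version] $AMEngineVersion
    [pscustomobject]@{
        Installed = $installed.ToString()
        Required  = $Fixed.ToString()
        Patched   = ($installed -ge $Fixed)
    }
}

# Local machine: same value the article's Get-MpComputerStatus command shows
Test-MpEnginePatched -AMEngineVersion (Get-MpComputerStatus).AMEngineVersion

# Fleet sweep over WinRM (placeholder host names); prints only hosts still exposed
$Hosts = @('WKS-PLACEHOLDER-01', 'SRV-PLACEHOLDER-01')
Invoke-Command -ComputerName $Hosts -ErrorAction SilentlyContinue -ScriptBlock {
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Engine   = (Get-MpComputerStatus).AMEngineVersion
    }
} | ForEach-Object {
    $check = Test-MpEnginePatched -AMEngineVersion $_.Engine
    [pscustomobject]@{
        Computer  = $_.Computer
        Installed = $check.Installed
        Patched   = $check.Patched
    }
} | Where-Object { -not $_.Patched } | Format-Table -AutoSize
```

Hosts that fail to respond are skipped silently by the sweep, so an empty result means "every host that answered is patched", not "every host is patched".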

Advanced Hardening

Beyond patching, organizations can implement several defense-in-depth measures to mitigate the risk of link-following attacks:

  • Restrict Symbolic Link Creation: Use Group Policy to ensure only administrators have the SeCreateSymbolicLinkPrivilege. By default, Windows allows users to create certain types of links; tightening this restriction hinders an attacker’s ability to set up the exploit.
  • Enable ASR Rules: Microsoft Defender’s Attack Surface Reduction (ASR) rules can be configured to block the creation of untrusted symbolic links, providing a proactive layer of defense.
  • Principle of Least Privilege: Regularly audit user accounts to ensure they do not have unnecessary administrative rights, which limits the potential damage of any single compromised account.
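To audit the first hardening item, the following added example (not from the original post) exports the local user-rights assignment with secedit, resolves the principals holding SeCreateSymbolicLinkPrivilege, and warns about any beyond BUILTIN\Administrators; it assumes an elevated PowerShell session, which secedit requires.

```powershell
# Added example, not from the original post: list who holds
# SeCreateSymbolicLinkPrivilege on this machine. Requires an elevated session.
function Get-SymlinkPrivilegeHolders {
    $inf = Join-Path $env:TEMP 'user-rights.inf'
    # secedit writes a UTF-16 INI file; Select-String honours the BOM.
    secedit /export /cfg $inf /areas USER_RIGHTS | Out-Null
    $line = Select-String -Path $inf -Pattern '^SeCreateSymbolicLinkPrivilege\s*=' |
        Select-Object -First 1
    Remove-Item $inf -ErrorAction SilentlyContinue
    if (-not $line) { return @() }   # right not present in the export
    # Value looks like "*S-1-5-32-544,*S-1-5-21-...-1001". Entries prefixed
    # with '*' are SIDs; anything else is already an account name.
    ($line.Line -split '=', 2)[1].Trim() -split ',' | ForEach-Object {
        $entry = $_.Trim()
        if ($entry.StartsWith('*')) {
            $sid = [System.Security.Principal.SecurityIdentifier]($entry.TrimStart('*'))
            try   { $name = $sid.Translate([System.Security.Principal.NTAccount]).Value }
            catch { $name = '<unresolved>' }
            [pscustomobject]@{ Sid = $sid.Value; Account = $name }
        } else {
            [pscustomobject]@{ Sid = '<name only>'; Account = $entry }
        }
    }
}

$adminsSid = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators
$holders   = Get-SymlinkPrivilegeHolders
$holders | Format-Table -AutoSize
$extra = $holders | Where-Object { $_.Sid -ne $adminsSid }
if ($extra) {
    Write-Warning ("SeCreateSymbolicLinkPrivilege is also granted to: " +
                   ($extra.Account -join ', ') + ". Review against the Group Policy baseline.")
}
```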

Conclusion

The disclosure of CVE-2026-41091 serves as a stark reminder that even our most trusted security tools are software, and all software has bugs. The fact that CISA has mandated a remediation deadline of June 3, 2026, for federal agencies underscores the urgency of this threat. Organizations should prioritize verifying their Microsoft Defender versions today to ensure they are not leaving the door open for attackers who are already using this flaw to take control of Windows environments.
