CISA Sets June 3 Deadline for Windows Admins to Patch Microsoft Defender Vulnerabilities
CISA gives Windows admins until June 3 to patch Nightmare Eclipse Defender flaws
Image: Notebookcheck
Federal agencies must address two critical Microsoft Defender vulnerabilities by June 3, linked to the Nightmare Eclipse disclosure campaign. These flaws, RedSun and UnDefend, pose significant risks including privilege escalation and denial-of-service conditions. Additional zero-day vulnerabilities remain unpatched, with a follow-up patch expected on June 9.
- 01CISA has mandated fixes for two vulnerabilities, RedSun (CVE-2026-41091) and UnDefend (CVE-2026-45498), by June 3.
- 02RedSun exploits the Defender tiering engine for privilege escalation, while UnDefend can cause a denial-of-service in the Antimalware Platform.
- 03Three additional zero-day vulnerabilities, including YellowKey (CVE-2026-45585), remain unpatched.
- 04The patched vulnerabilities are addressed in Malware Protection Engine version 1.1.26040.8 and Antimalware Platform version 4.18.26040.7.
- 05Nightmare Eclipse has indicated a July 14 release for further updates targeting the next Patch Tuesday.
Advertisement
In-Article Ad
Federal agencies have until June 3 to patch two Microsoft Defender vulnerabilities, RedSun (CVE-2026-41091) and UnDefend (CVE-2026-45498), which were added to the Known Exploited Vulnerabilities catalog by CISA after being confirmed as actively exploited. RedSun allows attackers to escalate privileges to SYSTEM, while UnDefend triggers a denial-of-service condition in the Antimalware Platform, potentially enabling ransomware deployment without alerts. Both vulnerabilities have been addressed in the latest Malware Protection Engine and Antimalware Platform updates. Additionally, three other zero-day vulnerabilities remain unpatched, including YellowKey, which can bypass BitLocker encryption, and GreenPlasma, a privilege escalation flaw. CISA's directive stems from the Nightmare Eclipse disclosure campaign, which initially began with the BlueHammer vulnerability in April. Windows administrators are urged to verify their software versions before the deadline, as a follow-up patch is expected on June 9.
Advertisement
In-Article Ad
Failure to patch these vulnerabilities could expose federal agencies to significant security risks, including data breaches and ransomware attacks.
Advertisement
In-Article Ad
Reader Poll
How prepared is your organization to address cybersecurity vulnerabilities?
Connecting to poll...
More about CISA
Read the original article
Visit the source for the complete story.