CVE-2026-45498 is a medium-severity Denial of Service (DoS) vulnerability (CVSS 4.0) affecting Microsoft Defender and the Microsoft Malware Protection Engine. The vulnerability allows an attacker to cause the security service to become unavailable or unstable through local exploitation.

The vulnerability affects:

• Microsoft Defender
• Microsoft Malware Protection Engine versions prior to:
  · 1.1.26040.8
• Defender platform versions prior to:
  · 4.18.26040.7

Affected environments may include:

• Windows 10 and Windows 11 endpoints
• Windows Server systems using Microsoft Defender
• Enterprise-managed Defender deployments

Typical exploitation flow:

1. Initial local access obtained
- The attacker gains access to the target system through:
* malware infection * compromised user account * phishing or other intrusion methods

2. Crafted input delivered to Defender
- Malicious files or specially crafted content are introduced to trigger Defender scanning behavior.

3. Defender engine instability triggered
- The Malware Protection Engine improperly handles the input.

4. Security service disruptionbr> - The attacker manipulates freed memory to redirect execution flow.

5. Remote code execution
- Microsoft Defender may:
*crash
* stop responding
* fail to scan files properly
* temporarily lose protection capability

CERTVU recommends the following:

Apply Microsoft Security Updates (Critical) immediately