- 143/2026
- High
Microsoft has released security updates to address several vulnerabilities affecting multiple Microsoft products.
The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, bypass security restrictions, execute arbitrary code, or gain elevated privileges on the affected systems.
Sample of the addressed vulnerabilities:
1. Microsoft Defender Remote Code Execution Vulnerability (CVE-2026-45584):
- CVSS: 8.1
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Consequences: Remote Code Execution
2. Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability (CVE-2026-42834):
- CVSS: 7.8
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Gain Privileges
Sample of the affected products:
- Windows Admin Center in Azure Portal.
- Microsoft Malware Protection Engine.
- Microsoft Defender Antimalware Platform.
Vulnerabilities
- CVE-2026-45584
- CVE-2026-45585
- CVE-2026-45498
- CVE-2026-41091
- CVE-2026-42834
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.