#windows

5 analyses tagged windows, sorted newest first.

critical 5 sources
DAEMON Tools Lite CVE-2026-8398: Signed Installer Supply-Chain Compromise
CISA added DAEMON Tools Lite CVE-2026-8398 to KEV after the vendor confirmed unauthorized interference in its infrastructure and compromised DAEMON Tools Lite installation packages.

#daemon-tools #supply-chain #signed-malware #cisa-kev #windows

2026-05-31
high 5 sources
Windows Shell CVE-2026-32202 KEV: Zero-Click NTLM Coercion
CVE-2026-32202 is an actively exploited Windows Shell protection-mechanism failure that Akamai traced to an incomplete patch for an APT28 LNK exploit chain, allowing zero-click NTLM authentication coercion when Explorer renders a malicious shortcut.

#microsoft #windows #zero-day #cisa-kev #credential-theft

2026-05-27
high 3 sources
Microsoft Defender CVE-2026-41091: KEV Engine EoP Exposure
CISA added Microsoft Defender CVE-2026-41091 to KEV on 2026-05-20. MSRC marks exploitation detected and gives the exact fixed Malware Protection Engine version 1.1.26040.8.

#microsoft-defender #cisa-kev #vulnerability-response #windows #privilege-escalation

2026-05-26
medium 3 sources
Microsoft Defender CVE-2026-45498: KEV Platform DoS Exposure
CISA added Microsoft Defender CVE-2026-45498 to KEV on 2026-05-20. MSRC marks exploitation detected and gives the exact fixed Defender Antimalware Platform version 4.18.26040.7.

#microsoft-defender #cisa-kev #vulnerability-response #windows

2026-05-26
high 3 sources
Windows cldflt.sys Zero-Day: MiniPlasma Kernel LPE
MiniPlasma is a public Windows cldflt.sys Cloud Filter driver LPE proof of concept that BleepingComputer tested on fully patched Windows 11 Pro with May 2026 updates. The article now replaces generic secondary sourcing with exact reporting and narrows the claim to local SYSTEM escalation.

#microsoft #windows #zero-day #privilege-escalation #kernel-exploit

2026-05-26