答案已發布上週Last edited 5 天前17 來源

Microsoft Defender 零日漏洞 CVE‑2026‑41091、CVE‑2026‑45498 已被實際攻擊利用

Microsoft 於 2026 年 5 月 20 日發佈緊急（out‑of‑band）更新，修補兩個已被實際利用嘅 Defender 零日漏洞：CVE‑2026‑41091（權限提升）同 CVE‑2026‑45498（拒絕服務）。 CVE‑2026‑41091 屬於 link‑following 類漏洞，本地攻擊者可利用 Defender 嘅檔案連結解析問題升級至 SYSTEM 權限。

使用 Studio Global AI 搜尋並查核事實瀏覽更多熱門頁面

604K0

Illustration of Microsoft Defender security alert related to CVE‑2026‑41091 and CVE‑2026‑45498 zero‑day vulnerabilities — What are the newly disclosed Microsoft Defender zero‑day vulnerabilities patched in the May 20 out‑of‑band update (including CVE‑2026‑41091Microsoft patched two actively exploited Defender vulnerabilities in an out‑of‑band update on May 20, 2026.
AI 提示
Create a landscape editorial hero image for this Studio Global article: What are the newly disclosed Microsoft Defender zero‑day vulnerabilities patched in the May 20 out‑of‑band update (including CVE‑2026‑41091. Article summary: Microsoft’s May 20, 2026 out-of-band Defender update addressed two newly disclosed, actively exploited Defender flaws: CVE-2026-41091, a local privilege-escalation link-following bug, and CVE-2026-45498, a Defender denia. Topic tags: general, government, general web, user generated, education. Reference image context from search candidates: Reference image 1: visual subject ""The May 2026 Patch Tuesday Release breaks a long-standing streak as the first release in nearly two years not to include a zero-day," said Satnam Narang, senior staff research eng" source context "No Zero-Days, but Plenty to Patch in Microsoft May Update" Reference image 2: visual subject "
openai.com

Microsoft 喺 2026 年 5 月 20 日發佈一個緊急（out‑of‑band）安全更新，修補兩個已經喺真實攻擊中被利用嘅 Microsoft Defender 漏洞：CVE‑2026‑41091 同 CVE‑2026‑45498。呢兩個漏洞影響 Windows 系統內置嘅 Defender 防毒與端點保護組件，而且已被加入 CISA 嘅 Known Exploited Vulnerabilities（KEV）目錄，代表已有實際攻擊證據，需要盡快修補。

雖然兩個漏洞嘅技術細節唔一樣，但共同點係：佢哋都影響企業同個人電腦最核心嘅安全防護工具之一——Microsoft Defender。

5 月 20 日修補嘅兩個 Defender 零日漏洞

CVE‑2026‑41091 — Microsoft Defender 本地權限提升漏洞

CVE‑2026‑41091 係一個典型嘅 link‑following 漏洞。問題出喺 Defender 喺存取檔案之前，未正確處理檔案連結（例如 symbolic link 或其他檔案系統重導）。

簡單講，如果系統入面有惡意建立嘅檔案連結，Defender 有機會跟住呢個連結去操作另一個本來受保護嘅檔案。

由於 Defender 會以 高權限（SYSTEM） 執行部分掃描或檔案操作，一個已登入系統嘅低權限使用者可以利用呢個行為，將自己嘅權限提升到 SYSTEM 等級，即係完全控制整部電腦。

漏洞重點包括：

類型：不正確檔案連結解析（link‑following）
影響：本地權限提升至 SYSTEM

Studio Global AI

Search, cite, and publish your own answer

Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.

使用 Studio Global AI 搜尋並查核事實

人們還問