<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:12.0pt;
font-family:"Aptos",sans-serif;}
h4
{mso-style-priority:9;
mso-style-link:"Heading 4 Char";
mso-margin-top-alt:auto;
margin-right:0in;
margin-bottom:2.4pt;
margin-left:0in;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
color:black;
font-weight:bold;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
font-size:12.0pt;
font-family:"Aptos",sans-serif;}
span.Heading4Char
{mso-style-name:"Heading 4 Char";
mso-style-priority:9;
mso-style-link:"Heading 4";
font-family:"Aptos",sans-serif;
color:#0F4761;
font-style:italic;}
span.first-word1
{mso-style-name:first-word1;
font-weight:bold;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:701321750;
mso-list-template-ids:-1572327176;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:1047337410;
mso-list-template-ids:-1174094918;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2
{mso-list-id:1273827494;
mso-list-template-ids:-1022308662;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3
{mso-list-id:1810054350;
mso-list-template-ids:-972897328;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l3:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p><span lang="EN" style="font-family:"Calibri",sans-serif;color:black">Good afternoon,<o:p></o:p></span></p>
<h4><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">The SOC Services team is reporting on the vulnerabilities; Multiple Microsoft Defender Vulnerabilities:
</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext">CVE-2026-41091 and CVE-2026-45498 affecting Microsoft Malware Protection Engine used in Microsoft Defender</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">
on enterprise systems. Due to active exploitation concerns, elevated exposure risk, and the potential for remote compromise, we are providing this combined vulnerability notification to support enterprise remediation and defensive operations.<o:p></o:p></span></h4>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">History:</span></span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal"> Coordinated disclosure was executed on May
</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">20</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">, 2026. The CVSS v3.x base score
</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">for CVE-2026-41091
</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">is
</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">7</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">.</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">8</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">
(HIGH) </span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">and CVE-2026-45498 is 4.0 (MEDIUM), both assigned by Microsoft</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">.<o:p></o:p></span></h4>
<h4 style="margin-top:0in"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p> </o:p></span></h4>
<h4 style="margin-top:0in"><span lang="EN" style="font-family:"Calibri",sans-serif">Affected Versions<o:p></o:p></span></h4>
<ul style="margin-top:0in" type="disc" id="affectedVersionsList">
<li class="MsoNormal" style="color:black;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo1">
<span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext">Microsoft Malware Protection Engine version 1.1.26030.3008 or earlier (CVE-2026-41091)</span><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo1">
<span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext">Microsoft Defender Antimalware Platform version 4.18.26030.3011 or earlier (CVE-2026-45498)</span><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></li></ul>
<h4 style="margin-top:0in"><span lang="EN" style="font-family:"Calibri",sans-serif">Fixed Versions<o:p></o:p></span></h4>
<ul style="margin-top:0in" type="disc" id="fixedVersionsList">
<li class="MsoNormal" style="color:black;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo2">
<span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext">Microsoft Malware Protection Engine version 1.1.26040.8 or later (CVE2026-41091)</span><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo2">
<span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext">Microsoft Defender Antimalware Platform version 4.18.26040.7 or later (CVE-2026-45498)</span><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p></o:p></span></li></ul>
<p><span lang="EN" style="font-family:"Calibri",sans-serif">More information for these vulnerabilities can be found at the following vendor locations:<o:p></o:p></span></p>
<p><span lang="EN" style="font-family:"Calibri",sans-serif">CVE-2026-41091: <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091">
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091</a><o:p></o:p></span></p>
<p><span lang="EN" style="font-family:"Calibri",sans-serif">CVE-2026-45498: <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498">
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498</a><span style="color:black"><o:p></o:p></span></span></p>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">Intelligence:</span></span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal"> On May
</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">20</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">, 2026, CISA has listed the vulnerabilit</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">ies</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">
in the Known Exploited Vulnerabilities Catalog.<o:p></o:p></span></h4>
<p><strong><span lang="EN" style="font-family:"Calibri",sans-serif">CVE-2026-41091 CVE-2026-45498</span></strong><strong><span style="font-family:"Aptos",sans-serif"><o:p></o:p></span></strong></p>
<p><strong><span lang="EN" style="font-family:"Calibri",sans-serif;color:black">Exploitability:</span></strong><span lang="EN" style="font-family:"Calibri",sans-serif;color:black">
</span><span lang="EN" style="font-family:"Calibri",sans-serif">Local
<b>Exploitability: </b>Local<b><span style="color:black"><br>
<strong><span style="font-family:"Calibri",sans-serif">Complexity:</span></strong></span></b><span style="color:black">
</span>Low <b>
Complexity: </b>Low<span style="color:black"><br>
<strong><span style="font-family:"Calibri",sans-serif">User Interaction:</span></strong> None</span>
<b>User Interaction: </b>None<span style="color:black"><br>
<strong><span style="font-family:"Calibri",sans-serif">Remotely Exploitable:</span></strong>
</span>No <b>Remotely Exploitable:
</b>No<span style="color:black"><br>
<strong><span style="font-family:"Calibri",sans-serif">Proof of Concept:</span></strong>
</span>No <b>Proof of Concept:
</b>No<span style="color:black"><br>
<strong><span style="font-family:"Calibri",sans-serif">Zero Day:</span></strong> No</span><b> Zero Day:
</b>No<span style="color:black"> </span></span><span style="color:black"><o:p></o:p></span></p>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">Workarounds:</span></span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">
</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">There are no workarounds as this time.</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal"><o:p></o:p></span></h4>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">How it Works:</span></span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal">
</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal">Below is the explanation on how these CVEs work.</span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal"><o:p></o:p></span></h4>
<h4><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext">CVE-2026-41091:</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal"> Attackers can create malicious symbolic links that point to protected
system files, causing Defender to operate on unintended targets while maintaining the appearance of legitimate file operations. This behavior violates fundamental security principles of path validation and access control enforcement. The flaw typically occurs
in scenarios where Defender processes configuration files, log files, or other system resources that may be accessible through symbolic links. Attackers can create malicious symbolic links that point to protected system files, causing Defender to operate on
unintended targets while maintaining the appearance of legitimate file operations. This behavior violates fundamental security principles of path validation and access control enforcement.<o:p></o:p></span></h4>
<h4><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext">CVE-2026-45498:</span><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal"> This vulnerability allows an unauthenticated attacker to craft
malicious payloads that can cause the defender components to consume excessive system resources or crash entirely, resulting in service disruption and potential operational downtime for affected organizations.<o:p></o:p></span></h4>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">Post-Exploit Impact:</span></span><span class="first-word1"><span style="font-weight:normal"><o:p></o:p></span></span></h4>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo3">
<span lang="EN" style="font-family:"Calibri",sans-serif">CVE-2026-41091 (CWE-59 Improper Link Resolution Before File Access ('Link Following')): An authenticated attacker with limited user privileges can leverage this weakness to escalate their access level
and potentially gain SYSTEM-level privileges on the affected system. The vulnerability can be exploited in various attack vectors including scheduled tasks, automated scans, or any Defender operation that processes files through symbolic link traversal. Once
escalated, attackers can modify system files, install malicious software, or exfiltrate sensitive data from the compromised system. The attack surface is particularly concerning because Defender is typically installed on all windows systems and runs with elevated
privileges, making this vulnerability particularly dangerous in enterprise environments.</span><o:p></o:p></li></ul>
<p class="MsoNormal" style="mso-margin-bottom-alt:auto;margin-left:.25in"><span lang="EN" style="font-family:"Calibri",sans-serif"><o:p> </o:p></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="mso-margin-bottom-alt:auto;margin-left:0in;mso-list:l3 level1 lfo3">
<span lang="EN" style="font-family:"Calibri",sans-serif">CVE-2026-45498: (CWE-129 Input Validation and CWE-770 Allocation of Resources Without Limits or Throttling): The operational impact of this vulnerability extends beyond simple service disruption to potentially
compromise the overall security posture of affected environments. Organizations relying on Microsoft Defender for protection may experience complete loss of threat detection capabilities during the attack window, leaving systems exposed to other threats while
the defender service recovers or is manually restarted.<o:p></o:p></span></li></ul>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">Indicators of Compromise (IoCs):</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal;text-decoration:none">
Currently there are</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;color:black;font-weight:normal;text-decoration:none"> none
</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal;text-decoration:none">documented.</span></span><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal"><o:p></o:p></span></h4>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">Tenable Plugins:</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal;text-decoration:none"> As
</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal;text-decoration:none">of May 20,
</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal;text-decoration:none">2026, Tenable has</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal;text-decoration:none">
not</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal;text-decoration:none"> p</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal;text-decoration:none">ublished</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;font-weight:normal;text-decoration:none">
a list of plugins</span></span><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif;color:windowtext;font-weight:normal;text-decoration:none"> and currently do not have plugins in their development pipeline.</span></span><span class="first-word1"><span style="font-weight:normal;text-decoration:none"><o:p></o:p></span></span></h4>
<h4><span class="first-word1"><span lang="EN" style="font-family:"Calibri",sans-serif">Recommended Actions:</span></span><o:p></o:p></h4>
<p style="margin-top:0in"><strong><span lang="EN" style="font-family:"Calibri",sans-serif;color:black">Date Added to KEV Catalog:</span></strong><span lang="EN" style="font-family:"Calibri",sans-serif;color:black">
</span><span lang="EN" style="font-family:"Calibri",sans-serif">05/20/2026<span style="color:black"><br>
<strong><span style="font-family:"Calibri",sans-serif">Due Date for Remediation:</span></strong>
</span>06/03/2026<span style="color:black"><o:p></o:p></span></span></p>
<ul type="disc">
<li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo4">
<span lang="EN" style="font-family:"Calibri",sans-serif">Verify host has not been compromised before applying patches.<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo4">
<span lang="EN" style="font-family:"Calibri",sans-serif">Apply appropriate updates provided by the vendor to vulnerable systems after testing.<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo4">
<span lang="EN" style="font-family:"Calibri",sans-serif">Run all software as a non-privileged user to reduce the impact of a successful attack.<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo4">
<span lang="EN" style="font-family:"Calibri",sans-serif">Apply the Principle of Least Privilege to all systems and services.<o:p></o:p></span></li></ul>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal"><b><span style="font-size:11.0pt;mso-ligatures:standardcontextual">EIS Security Operations Center</span></b><span style="font-size:11.0pt;mso-ligatures:standardcontextual"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-ligatures:standardcontextual">Enterprise Information Services<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-ligatures:standardcontextual">Cyber Security Services | CSS<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:standardcontextual">SOC Hotline: (503) 378-5930<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:standardcontextual"><a href="mailto:SOC@EIS.OREGON.GOV"><span style="color:#467886">SOC@EIS.OREGON.GOV</span></a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><img border="0" width="54" height="54" style="width:.5625in;height:.5625in" id="_x0000_i1026" src="cid:image004.png@01DCE869.8D2D7950"></span><span style="font-size:11.0pt;mso-ligatures:standardcontextual"> </span><span style="font-size:11.0pt"><img border="0" width="205" height="53" style="width:2.1354in;height:.552in" id="Picture_x0020_1" src="cid:image005.png@01DCE869.8D2D7950"></span><span style="font-size:11.0pt;mso-ligatures:standardcontextual"> <o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span lang="EN"><o:p> </o:p></span></p>
</div>
</body>
</html>