CVE-2026-33825EXPLOITEDPATCHED

microsoft · microsoft defender antimalware platform

Microsoft Defender Elevation of Privilege Vulnerability

Description

Privilege escalation bug in Windows Defender dubbed 'BlueHammer'.

Affected Products

Vendor	Product	Versions
microsoft	microsoft defender antimalware platform	4.0.0.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825(vendor-advisory, patch)

Related News (3 articles)

Tier C

Krebs on Security3h ago

Patch Tuesday, April 2026 Edition

→ No new info (linked only)

Tier C

Cisco Talos4h ago

Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities

→ No new info (linked only)

Tier C

VulDB6h ago

CVE-2026-33825 | Microsoft insufficient granularity of access control

→ No new info (linked only)

CVSS 3.17.8 CRITICAL

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

4.18.26030.3011

CWECWE-1220

PublishedApr 14, 2026

Last enriched3h agov3

Trending Score64

Source articles3

Independent3

Info Completeness10/14

Missing: epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-32201EXPKEV

Microsoft SharePoint Server Spoofing Vulnerability

Trending: 142

CRITICALCVE-2026-33824EXP

Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

Trending: 67

HIGHCVE-2026-32075EXP

Windows UPnP Device Host Elevation of Privilege Vulnerability

Trending: 66

HIGHCVE-2026-32071EXP

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Trending: 66

HIGHCVE-2026-32093EXP

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Trending: 66

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 14, 2026

Discovered by ZDM

Apr 14, 2026

Actively Exploited

Apr 14, 2026

Exploit Available

Apr 14, 2026

Patch Available

Apr 14, 2026

Updated: severity

Apr 14, 2026

Updated: description, exploitAvailable, activelyExploited

Apr 14, 2026

Version History

Last enriched 3h ago

v3Tier C3h ago

Updated description to include the name 'BlueHammer', marked exploit as available, and noted that it is actively exploited.

descriptionexploitAvailableactivelyExploited

via Krebs on Security

v2Tier C6h ago

Updated severity to CRITICAL and noted that no exploit is available.

severity

via VulDB

v17h ago

Initial creation