Microsoft has patched two critical zero-day vulnerabilities in Windows Defender that were actively exploited in the wild. The flaws, known as UnDefend and RedSun, allow attackers to escalate privileges to system-level access and launch denial-of-service attacks, and they're linked to the publicly released BlueHammer exploit toolkit. CISA has added both vulnerabilities to its Known Exploited Vulnerabilities list, giving federal agencies until June 3rd to apply the patches, while urging all organizations to update immediately.