Microsoft says it's hard at work on a patch for this worrying Defender zero-day
Date:
Thu, 18 Jun 2026 10:05:00 +0000
Description:
RoguePlanet now has a CVE and a patch in the works, a week after the disclosure of a PoC.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Microsoft confirms RoguePlanet as CVE202650656, an elevationofprivilege flaw in Defenders Malware Protection Engine Disclosed by Chaotic Eclipse as a racecondition zeroday granting
SYSTEM privileges on fully patched Windows 10/11 Seventh exploit in their campaign; PoC validated by ThreatLocker, with Microsoft promising a fix despite ongoing feud Microsoft has assigned a unique identifier for the recently-disclosed RoguePlanet vulnerability and confirmed it is now working on a fix.
"Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as
'RoguePlanet,' the company said in a recently disclosed security advisory.
"We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available." Latest Videos From Watch full video here: Chaotic Eclipse's
grudge A security researcher with the alias Chaotic Eclipse recently
disclosed a zero-day vulnerability in a fully patched Windows 11 device, just hours after Microsoft released its June Patch Tuesday cumulative update.
Chaotic Eclipse is waging a personal crusade against Microsoft, whom theyre accusing of being disrespectful and poorly handling vulnerability
disclosures. RoguePlanet is the seventh zero-day exploit they disclosed in a matter of months. This bug, described as a race condition vulnerability, grants attackers SYSTEM privileges on fully patched Windows 10 and Windows 11 devices. You may like This Microsoft Defender zero-day could give hackers unprecedented access to your system Disgruntled researcher releases second major Defender zero-day Disgruntled researcher leaks worrying Windows
zero-day security flaw
Before that, they also published BlueHammer, RedSun, GreenPlasma, MiniPlasma, YellowKey, and UnDefend flaws. Some of them affect Microsoft Defender , and some BitLocker and other Windows components.
They published a Proof-of-Concept (PoC) exploit in a self-hosted Git, after saying that both GitHub and GitLab repositories hosting earlier work got removed by Microsoft. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners
or sponsors By submitting your information you agree to the Terms &
Conditions and Privacy Policy and are aged 16 or over.
"The exploit is a race condition, so it's a hit or miss. I have managed to
get a 100% success rate on some machines while it struggled to work on others," they explained. Security researchers ThreatLocker confirmed to the publication that the flaw works and even recorded a video to demonstrate how it works.
Microsoft now tracks RoguePlanet as CVE-2026-50656. Earlier it said it considered legal action when people engage in malicious activity causing real harm to our customers. Chaotic Eclipse seems unphased by these warnings,
which some interpreted as threats.
Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons
Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/microsoft-says-its-hard-at-work-on-a-pa tch-for-this-worrying-defender-zero-day
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)