Microsoft has released a security patch to address the RoguePlanet vulnerability (CVE-2026-50656) affecting Windows 10 and 11 devices. The flaw allows attackers to gain SYSTEM privileges through a race condition in Microsoft Defender, posing a significant security risk.
The RoguePlanet vulnerability, disclosed after the June 2026 Patch Tuesday, allows exploitation of a race condition in Microsoft Defender on fully patched Windows 10 and 11 devices. This flaw enables attackers to open a command prompt with SYSTEM privileges.
The vulnerability was revealed by a researcher known as Nightmare Eclipse, who has been involved in an ongoing dispute with Microsoft concerning its bug bounty and vulnerability disclosure policies. Nightmare Eclipse shared a proof-of-concept exploit but alleges that Microsoft previously removed similar exploits from hosting platforms.
On June 16, Microsoft confirmed it was addressing CVE-2026-50656. The patch was officially released on June 23 via an update to the Microsoft Malware Protection Engine. This update seeks to mitigate the vulnerability and advises users on how to verify the installation of the new version.
Nightmare Eclipse has previously disclosed several other zero-day vulnerabilities in Windows, including flaws named BlueHammer, RedSun, and GreenPlasma. Microsoft's recent updates have addressed some of these issues, indicating an ongoing focus on resolving security weaknesses in its systems.
Following these disclosures, Microsoft has warned of potential legal action against actions it views as malicious. This has drawn criticism and concern from cybersecurity experts regarding the implications for security research and public disclosure practices.
β¨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β check the original sources. How BrevFeed works β
Microsoft has released a security patch to address the RoguePlanet vulnerability (CVE-2026-50656) affecting Windows 10 and 11 devices. The flaw allows attackers to gain SYSTEM privileges through a race condition in Microsoft Defender, posing a significant security risk.