A critical zero-day vulnerability, known as RoguePlanet, has been uncovered in Microsoft Defender, impacting Windows 10 and 11 systems. This flaw, labeled CVE-2026-50656, is a race condition that can be exploited by hackers to gain full system-level access, even on devices that have been fully patched. The vulnerability allows attackers to open command prompts with system privileges due to a race condition within Microsoft Defender. The security expert who discovered this flaw, “Nightmare Eclipse,” demonstrated the exploit’s effectiveness, noting its varying success rates across different machines. Microsoft has acknowledged the vulnerability and is currently developing a security patch to address this pressing issue. The company emphasized its commitment to releasing a high-quality security update soon. Additionally, the researcher has identified several other vulnerabilities in Windows software, including BlueHammer, RedSun, MiniPlasma, and YellowKey.
Is Microsoft racing to fix a critical Defender flaw called RoguePlanet?
