According to the latest update, the vulnerability, officially designated CVE-2026-50656, can be exploited by hackers to gain complete access to your computer. A week ago, the security researcher who goes by “Nightmare Eclipse” published information about RoguePlanet, a zero-day security vulnerability in Microsoft’s Defender security program.
As part of the ongoing story, the security expert published a proof-of-concept exploit in a self-hosted Git repository and claimed that Microsoft had previously targeted and removed its exploit-hosting repositories on GitHub and GitLab. The vulnerability exists in fully patched Windows 10 and Windows 11 devices and allows attackers to generate command prompts with system privileges via a race condition in Microsoft Defender.
The report highlights that i have managed to get a 100% success rate on some machines while it struggled to work on others.”. The security expert writes: “The exploit is a race condition, so it’s a hit or miss.
Industry observers note that in a statement to BleepingComputer, a Microsoft spokesperson explained that the publisher is working on developing a security patch for RoguePlanet, which will hopefully be dropped to the public soon:.
As part of the ongoing story, microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as ‘RoguePlanet.’.
As part of the ongoing story, we will provide information in this CVE when the patch is available. We are working to provide a high quality security patch that addresses this vulnerability.
According to the latest update, recently, the same security researcher has published information about a whole range of security vulnerabilities in Windows and its related programs, including BlueHammer, RedSun, MiniPlasma, and YellowKey.
As part of the ongoing story, this article originally appeared on our sister publication PC för Alla and was translated and localized from Swedish.