A security researcher known as Chaotic Eclipse has released a proof-of-concept exploit for a Microsoft Defender zero-day vulnerability called RoguePlanet, which enables privilege escalation to SYSTEM access on fully patched Windows 10 and 11 machines. The exploit, a race condition, allows attackers to run arbitrary code and remains effective despite recent updates, although it currently does not work on Windows Server without modification. This disclosure follows a series of public Microsoft Defender vulnerabilities revealed by the researcher amid a dispute with Microsoft over the handling of vulnerability reports and coordinated disclosure.
https://thehackernews.com/2026/06/microsoft-defender-rogueplanet-zero-day.html