A patch released by Microsoft to fix a zero-day vulnerability (CVE-2026-50656) in the Windows Defender malware protection engine may cause affected Windows machines to write excessively large files that can fill the hard disk. Researcher NightmareEclipse reported that new defense-in-depth mitigations introduced in the patch cause the engine to leak data when handling certain files and their associated Zone.Identifier metadata, potentially allowing attackers to exhaust disk space via specially crafted SMB server responses. Microsoft has not yet confirmed the disk-filling behavior, while the researcher’s ongoing public disclosures highlight a continued dispute with Microsoft over vulnerability handling.
Patch for Windows Defender 0-Day Could Allow Attackers to Fill Hard Disk

