Microsoft has confirmed a privilege escalation zero-day vulnerability in Microsoft Defender, known as RoguePlanet (CVE-2026-50656), and is developing a patch to address it. The flaw, disclosed by researcher Chaotic Eclipse, exploits a race condition that can grant SYSTEM-level access regardless of Defender’s real-time protection setting.
https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html