Microsoft has released a security update to patch a privilege escalation vulnerability known as RoguePlanet (CVE-2026-50656) in its Malware Protection Engine, which could allow attackers to gain SYSTEM-level privileges and execute arbitrary code. The flaw, disclosed by researcher Chaotic Eclipse, exploited a race condition and affected fully patched Windows systems, but Microsoft’s update has mitigated the issue along with adding defense-in-depth improvements. Additionally, the researcher identified a potential new data leak caused by the patch that requires further investigation.
https://thehackernews.com/2026/07/microsoft-patches-rogueplanet-defender.html

