Microsoft Issues Emergency Patch for RoguePlanet Windows Defender Zero-Day
ID: 957deb4b-03ca-5691-a5fa-85d816105fb0
STIX ID: report--957deb4b-03ca-5691-a5fa-85d816105fb0
Feed Name: Security Boulevard
Microsoft released an emergency update addressing a high-severity Windows Defender zero-day called RoguePlanet (CVE-2026-50656) that enables local privilege escalation to SYSTEM; a public proof-of-concept was published by a researcher known as Nightmare-Eclipse and the fix was delivered via Microsoft Malware Protection Engine update 1.1.26060.3008. Microsoft rated the issue CVSS 7.8, warned that systems with Defender disabled are not vulnerable, and stated there is no confirmed in-the-wild exploitation, while researchers note the public PoC increases the risk and recommend immediate patching and monitoring.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
