logo

Microsoft Issues Emergency Patch for RoguePlanet Windows Defender Zero-Day

ID: 957deb4b-03ca-5691-a5fa-85d816105fb0

STIX ID: report--957deb4b-03ca-5691-a5fa-85d816105fb0

Feed Name: Security Boulevard

Threat Score
70/100

Date Published: 2026-07-12

Date Updated: 2026-07-13

Author: John Joseph Javier

...
...

Microsoft released an emergency update addressing a high-severity Windows Defender zero-day called RoguePlanet (CVE-2026-50656) that enables local privilege escalation to SYSTEM; a public proof-of-concept was published by a researcher known as Nightmare-Eclipse and the fix was delivered via Microsoft Malware Protection Engine update 1.1.26060.3008. Microsoft rated the issue CVSS 7.8, warned that systems with Defender disabled are not vulnerable, and stated there is no confirmed in-the-wild exploitation, while researchers note the public PoC increases the risk and recommend immediate patching and monitoring.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.