A new zero-day exploit named 'RoguePlanet' targeting Microsoft Windows has been released by the security researcher Nightmare Eclipse, following the recent Patch Tuesday updates from Microsoft. This exploit allows for local privilege escalation (LPE) by exploiting a race condition in Microsoft Defender. Originally capable of remote code execution (RCE) through a malicious .vhd(x) file, it may also enable a BitLocker bypass.
Despite Microsoft's previous mitigations limiting some attack vectors, the researcher indicates that with more effort, the exploit could be reworked for broader system vulnerabilities. The publication of RoguePlanet comes after Microsoft rolled out patches for previous vulnerabilities released by the researcher.
Following backlash to a legal threat from Microsoft concerning vulnerability disclosures, Nightmare Eclipse suggests that legal action was taken against them, which has strained their relationship with the company.