CHAOTIC Eclipse, a security researcher, has released a proof-of-concept (PoC) exploit for a zero-day vulnerability in Microsoft Defender, named RoguePlanet, which can allow attackers to gain SYSTEM privileges on fully patched Windows systems. This exploit is based on a race condition and has been confirmed to work on Windows 10 and 11 following the June 2026 Patch Tuesday updates.
Despite Microsoft's ongoing updates to strengthen security, the researcher claims the vulnerability still exists and has identified additional memory corruption issues within Defender and other components. Chaotic Eclipse's findings follow other recent disclosures that have emerged amid disputes with Microsoft regarding the vulnerability reporting process. Microsoft has criticized the public release of these vulnerabilities, emphasizing the risks posed to users.