MICROSOFT has addressed a critical vulnerability in its Defender software known as RoguePlanet (CVE-2026-50656), which allows local attackers to elevate privileges through the Malware Protection Engine. The flaw was rated 7.8 on the CVSS scale and originated from a race condition that could give attackers SYSTEM-level privileges. Despite an active security update process, a security researcher demonstrated an exploit that worked even on fully updated systems.
Microsoft confirmed the flaw was fixed in version 1.1.26060.3008 of the Malware Protection Engine, which also includes additional hardening measures. This incident marks the fourth reported flaw by the researcher, highlighting ongoing vulnerabilities in Microsoft Defender.