securityonline.info 7/9/2026, 11:09:19 AM · external

Microsoft Patches RoguePlanet Defender Zero-Day That Grants SYSTEM Access

Microsoft Patches RoguePlanet Defender Zero-Day That Grants SYSTEM Access
CyberSIXT Evidence Panel
Primary Source msrc.microsoft.com
CVE Intel
CISA KEV Not in KEV
Patch Patch Available

MICROSOFT has released a patch for a critical zero-day vulnerability in its Defender software, identified as CVE-2026-50656, which could allow local attackers to gain SYSTEM privileges. This vulnerability is due to a race condition in the Microsoft Malware Protection Engine, affecting versions prior to 1.1.26060.3008. Although no exploitation has been confirmed in the wild, a public proof-of-concept exists.

The flaw undermines defender software security, allowing attackers to escalate privileges when real-time protection is disabled. Users are advised to update their Malware Protection Engine to the latest version as a mitigation measure.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline