MICROSOFT has released patches for a vulnerability in its Defender software called RoguePlanet, which was first publicly exploited by a researcher known as Nightmare Eclipse. This vulnerability, tracked as CVE-2026-50656, allows privilege escalation due to a race condition. The patches were provided through an automatic update via the Microsoft Malware Protection Engine.
Although no reports of exploitation were documented for RoguePlanet, the same researcher has uncovered additional vulnerabilities in Defender relating to memory leaks and quarantined files. Previous vulnerabilities disclosed by Nightmare Eclipse have been exploited in the wild.