MICROSOFT has confirmed a zero-day vulnerability in its Defender software, tracked as CVE-2026-50656, which enables privilege escalation due to a flaw in the Malware Protection Engine. While a security patch is under development, the issue was brought to light by researcher Chaotic Eclipse, who developed a proof-of-concept exploit. The vulnerability is a race condition that allows attackers to run code with SYSTEM-level privileges.
Despite Microsoft’s efforts to enhance defenses, the exploit was tested successfully on updated Windows 10 and 11 systems, raising concerns about continued vulnerability even with real-time protection enabled. The researcher has hinted at additional memory corruption issues within Defender and has expressed frustration over Microsoft's handling of vulnerability reports. Microsoft asserts it is actively investigating the claims regarding RoguePlanet and stresses the importance of coordinated vulnerability disclosure.