{"id":232835,"date":"2026-06-17T14:16:00","date_gmt":"2026-06-17T18:16:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/17\/microsoft-confirms-rogueplanet-defender-zero-day-says-patch-is-in-development\/"},"modified":"2026-06-17T15:20:13","modified_gmt":"2026-06-17T19:20:13","slug":"microsoft-confirms-rogueplanet-defender-zero-day-says-patch-is-in-development","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/17\/microsoft-confirms-rogueplanet-defender-zero-day-says-patch-is-in-development\/","title":{"rendered":"Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/microsoft-confirms-rogueplanet-defender_02022423645.html\">Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/microsoft-confirms-rogueplanet-defender_02022423645.html\">https:\/\/thehackernews.com\/2026\/06\/microsoft-confirms-rogueplanet-defender_02022423645.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-17 14:16:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\n\ue804Ravie Lakshmanan\ue802Jun 17, 2026Endpoint Security \/ Vulnerability<br \/>\nMicrosoft has formally disclosed that it&#8217;s working to release a patch to address a Defender zero-day codenamed RoguePlanet.<\/p>\n<p>The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw.<\/p>\n<p>&#8220;Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender, publicly referred to as &#8216;RoguePlanet,'&#8221; the company said. &#8220;We are working to provide a high-quality security update that addresses this vulnerability.&#8221;\u00a0<\/p>\n<p>The development comes nearly a week after a security researcher named Chaotic Eclipse (aka Nightmare-Eclipse) released RoguePlanet, calling the exploit a case of a race condition that grants attackers a shell with SYSTEM-level privileges.<\/p>\n<p>&#8220;The exploit is a race condition, so it&#8217;s a hit or miss,&#8221; the researcher noted. &#8220;I have managed to get a 100% success rate on some machines while it struggled to work on others.&#8221;<\/p>\n<p>In an update shared Tuesday, the researcher added: &#8220;I forgot to add one thing, surprisingly, the PoC for RoguePlanet works regardless if real-time protection is on or not, which is hilarious. I think it even works in the case of passive mode, but not really sure, haven&#8217;t tested that.&#8221;<\/p>\n<p>Microsoft told The Hacker News last week that it&#8217;s aware of the reported vulnerability and that it&#8217;s &#8220;actively investigating the validity and potential applicability of these claims.&#8221;<\/p>\n<p>RoguePlanet is the fourth Defender vulnerability disclosed by Chaotic Eclipse after BlueHammer (CVE-2026-33825), UnDefend (CVE-2026-45498), and RedSun (CVE-2026-41091), all of which have since been patched by Microsoft.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development https:\/\/thehackernews.com\/2026\/06\/microsoft-confirms-rogueplanet-defender_02022423645.html Publish Date: 2026-06-17 14:16:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":232836,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgy3ayOlDb3vsL747G9hStxxjTd3N5i2u8hegcT_hTs4RlNqylS_HyYH4mGLQEavD-QwH3G4l-p2tE5xrXoeK-Btj5YjbENpZcnqRZ7mXCjnJgqHKaoqyE3I3yqy3tYxafbDGNOMrDsvTnJ8UKkn7DDQ8PY_sQNZI6TsNTV0lOmSqs1uxUKm3pgpmkSDpeZ\/s1600\/ms-patch.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31,35,32,27],"class_list":["post-232835","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit","tag-hacker","tag-malware","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/232835"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=232835"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/232835\/revisions"}],"predecessor-version":[{"id":232837,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/232835\/revisions\/232837"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/232836"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=232835"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=232835"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=232835"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}