Home / Technology / Microsoft Defender Bug Grants SYSTEM Privileges
Microsoft Defender Bug Grants SYSTEM Privileges
18 Jun
Summary
- RoguePlanet vulnerability grants SYSTEM privileges.
- Chaotic Eclipse is a researcher targeting Microsoft.
- Microsoft is developing a security update for the flaw.
Microsoft has acknowledged a critical elevation-of-privilege vulnerability within its Defender Malware Protection Engine, now officially tracked as CVE-2026-50656 and publicly known as RoguePlanet. This zero-day flaw was disclosed by a researcher under the alias Chaotic Eclipse, who claims it allows for the acquisition of SYSTEM privileges on fully patched Windows 10 and Windows 11 devices.
This discovery marks the seventh zero-day exploit disclosed by Chaotic Eclipse in recent months, escalating a personal crusade against Microsoft over alleged mishandling of vulnerability disclosures. The researcher has published a proof-of-concept exploit, noting its nature as a race condition vulnerability that can be challenging to execute consistently. Security firm ThreatLocker has validated the exploit's functionality.
Microsoft has confirmed its awareness of RoguePlanet and stated that a security update is in development to address the vulnerability. The company previously indicated a willingness to pursue legal action against individuals engaging in activities that cause harm to its customers, a stance Chaotic Eclipse appears to disregard.
