Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
Key Points:
- Microsoft has released security updates to fix the RoguePlanet vulnerability (CVE-2026-50656), a privilege escalation flaw in the Microsoft Malware Protection Engine affecting Defender antivirus software.
- The vulnerability, described as a race condition that allows attackers to gain SYSTEM-level privileges and run arbitrary code, works on fully patched Windows systems regardless of real-time protection status.
- RoguePlanet was disclosed by security researcher Chaotic Eclipse, who previously reported other Defender flaws now patched by Microsoft; however, Microsoft has not officially credited this researcher.
- The fix is included in Microsoft Malware Protection Engine version 1.1.26060.3008, which also includes additional security hardening updates, and no user action is required as updates are applied automatically.
- Microsoft emphasized that Defender software typically updates malware definitions and engine versions daily or multiple times per day to protect users against emerging threats.