Microsoft acknowledges RoguePlanet zero-day exploit targeting Defender privilege escalation (CVE-2026-50656)
By
Zeljka Zorz
Pure flour-power. Hearty enough to carry you through lunch.
Summary
Microsoft has acknowledged a local elevation of privilege vulnerability (CVE-2026-50656) in Microsoft Defender, triggered via the "RoguePlanet" exploit released by the threat group Nightmare Eclipse. The vulnerability stems from improper link resolution before file access, allowing low-complexity attacks by authenticated attackers with no user interaction required. Microsoft states it is working on a high-quality security update to address the issue.
Key quotes
· 3 pulledMicrosoft is working to provide a high quality security update that addresses this vulnerability.
The vulnerability stems from improper link resolution before file access, and can be exploited in low complexity attacks by authenticated attackers, with no user interaction required.
RoguePlanet is one of the exploits released by Nightmare Eclipse, an unidentified threat group.
You might also wanna read
Anonymous researcher releases two new Windows zero-day exploits after Patch Tuesday
An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker
theregister.com·20d agoAnonymous researcher releases two new Windows zero-day exploits after Patch Tuesday
An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker
theregister.com·20d ago
Microsoft zero-day feud escalates as researcher threatens major exploit release on July 14
The ongoing feud between Microsoft and security researcher Nightmare Eclipse (aka Chaotic Eclipse) has escalated, with the researcher having
theregister.com·17d agoMicrosoft zero-day feud escalates as researcher threatens major exploit release on July 14
The ongoing feud between Microsoft and security researcher Nightmare Eclipse (aka Chaotic Eclipse) has escalated, with the researcher having
theregister.com·17d ago
CVE-2026-3888: Snap Vulnerability Enables Local Privilege Escalation to Root in Ubuntu Desktop
Qualys researchers discovered a critical Local Privilege Escalation vulnerability (CVE-2026-3888) affecting Ubuntu Desktop 24.04+ that allow
blog.qualys.com·3mo ago
Security researcher publishes YellowKey zero-day exploit that bypasses Microsoft BitLocker encryption via USB stick
Security researcher Chaotic Eclipse (Nightmare-Eclipse) has published two new zero-day exploits targeting Microsoft systems after their prev
tomshardware.com·1mo ago
Critical FreePBX Zero-Day Vulnerability CVE-2025-57819 Exposed and Exploited
A critical zero-day vulnerability (CVE-2025-57819) has been discovered in FreePBX, a popular open-source PBX system. The article details how
labs.watchtowr.com·9mo ago
CVE-2026-31431 "CopyFail": Linux Local Privilege Escalation Vulnerability Disclosed
A Linux kernel vulnerability (CVE-2026-31431), nicknamed "CopyFail," has been disclosed on the oss-security mailing list. The vulnerability