Microsoft closes book on Nightmare Eclipse's RoguePlanet zero-day
Weeks after the exploit code dropped, Redmond has finally ships a fix for the Defender zero-day
Microsoft has quietly fixed the “RoguePlanet” zero-day in Microsoft Defender, closing the latest hole exposed by security researcher Nightmare Eclipse after months of public sparring over the company's handling of vulnerability reports.
The vulnerability, tracked as CVE-2026-50656, was addressed through an update to the Microsoft Malware Protection Engine rather than via its monthly Patch Tuesday bundle. Microsoft said customers should ensure they're running the latest engine version to receive the fix.
The flaw first surfaced in Junewhen Nightmare Eclipse published both technical details and proof-of-concept exploit code, claiming RoguePlanet worked against fully patched Windows 10 and Windows 11 systems. According to the researcher, the bug exploits a race condition in Microsoft Defender to spawn a command prompt with SYSTEM privileges, granting an attacker complete control of the local machine if the timing is...
Copyright of this story solely belongs to theregister.com. To see the full text click HERE