SecurityWeek ·EN-US News source PoC publicMicrosoft DefenderMicrosoft Malware Protection Engine (MMPE)
Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day
CVE Tools coverage
Microsoft has acknowledged a publicly disclosed privilege-escalation flaw in Microsoft Defender’s Microsoft Malware Protection Engine, tracked as CVE-2026-50656 (CVSS 7.8). The issue, dubbed “RoguePlanet,” is linked to a race condition that can let attackers elevate privileges to System on Windows 10 and Windows 11, and it matters because it turns Defender into a local elevation vector. Microsoft says it is working on a high-quality security update to address CVE-2026-50656 and will provide details once the fix is available.