Microsoft Defender RoguePlanet security update (CVE-2026-50656)
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft is preparing a security update for Microsoft Defender to address CVE-2026-50656, a privilege-escalation flaw in the Microsoft Malware Protection Engine. The issue is a zero-day with a CVSS score of 7.8 and can enable SYSTEM-level privileges if exploited. A public PoC from Chaotic Eclipse reportedly uses a race condition, increasing pressure for the patch.
Related Happenings
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch Release
H score44
First: 21.05.2026 10:49
Last: 21.05.2026 10:49
Sources 1
About this happening:
Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch ReleaseAbout this happening: Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Latest development: 21.05.2026 12:52
Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.
Microsoft May 2026 Patch Tuesday release
Security Patch Release
H score44
First: 13.05.2026 13:36
Last: 13.05.2026 13:36
Sources 1
About this happening:
Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Microsoft May 2026 Patch Tuesday release
Security Patch ReleaseAbout this happening: Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Latest development: 01.06.2026 15:30
Belgium's Centre for Cybersecurity warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild after Microsoft patched the stack-based buffer overflow during the May 2026 Patch Tuesday. The flaw affects all currently supported Windows Server versions, including Windows Server 2025, and can let an unauthenticated attacker gain remote code execution on targeted domain controllers.
CISA KEV order for BlueHammer patching
Public Sector Action
H score37
First: 23.04.2026 14:05
Last: 23.04.2026 14:05
Sources 1
About this happening:
**CISA** ordered **Federal Civilian Executive Branch agencies** to patch **Windows** systems against **CVE-2026-33825** within **two weeks** after adding the flaw to the **KEV Cat...
CISA KEV order for BlueHammer patching
Public Sector ActionAbout this happening: **CISA** ordered **Federal Civilian Executive Branch agencies** to patch **Windows** systems against **CVE-2026-33825** within **two weeks** after adding the flaw to the **KEV Cat...
Windows zero-day exploitation wave
Exploitation Wave
H score38
First: 17.04.2026 09:14
Last: 17.04.2026 09:14
Sources 1
About this happening:
**BlueHammer**, **RedSun**, and **UnDefend** are being exploited in the wild against **Windows** devices, creating active risk of **SYSTEM** or elevated administrator compromise....
Windows zero-day exploitation wave
Exploitation WaveAbout this happening: **BlueHammer**, **RedSun**, and **UnDefend** are being exploited in the wild against **Windows** devices, creating active risk of **SYSTEM** or elevated administrator compromise....
Latest development: 23.04.2026 14:05
CISA added BlueHammer, tracked as CVE-2026-33825, to its Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to patch Microsoft Defender on Windows systems within two weeks, until May 7. The federal directive targets ongoing zero-day abuse of the flaw on U.S. government systems.
Microsoft Defender BlueHammer (CVE-2026-33825) Patch Tuesday update
Security Patch Release
H score36
First: 16.04.2026 23:19
Last: 16.04.2026 23:19
Sources 1
About this happening:
**Microsoft** shipped a **Patch Tuesday** fix for **CVE-2026-33825**, a **Microsoft Defender** local-privilege-escalation flaw that can lead to **SYSTEM** access. The update narro...
Microsoft Defender BlueHammer (CVE-2026-33825) Patch Tuesday update
Security Patch ReleaseAbout this happening: **Microsoft** shipped a **Patch Tuesday** fix for **CVE-2026-33825**, a **Microsoft Defender** local-privilege-escalation flaw that can lead to **SYSTEM** access. The update narro...
Timeline
-
17.06.2026 20:36 1 articles · 2h ago
Chaotic Eclipse says RoguePlanet PoC works with real-time protection on
Technical Analysis UpdateChaotic Eclipse said the RoguePlanet proof-of-concept for CVE-2026-50656 still works even when real-time protection is enabled, and may also function in passive mode, underscoring the race-condition behavior described for the Microsoft Defender zero-day.
Show sources
- Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development — thehackernews.com — 17.06.2026 20:36
-
17.06.2026 20:36 2 articles · 2h ago
Microsoft works on a security update for RoguePlanet in Microsoft Defender
Initial DisclosureMicrosoft said it is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender, publicly referred to as RoguePlanet, and is working to provide a high-quality security update for CVE-2026-50656.
Show sources
- Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development — thehackernews.com — 17.06.2026 20:36
- Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development — thehackernews.com — 17.06.2026 20:36