UMVA has learned that a critical zero-day security vulnerability, known as RoguePlanet, has been discovered in Microsoft’s Defender security program, leaving millions of Windows 10 and Windows 11 devices exposed to potential attacks.
The vulnerability, officially designated CVE-2026-50656, can be exploited by hackers to gain complete access to your computer, allowing them to execute malicious code with system privileges. This alarming flaw exists in fully patched devices, making it a pressing concern for users worldwide.
According to information obtained by UMVA, a security researcher, who goes by the handle “Nightmare Eclipse”, published a proof-of-concept exploit in a self-hosted Git repository, demonstrating the vulnerability. The researcher claimed that Microsoft had previously targeted and removed its exploit-hosting repositories on other platforms.
The exploit relies on a complex race condition in Microsoft Defender, making it a hit-or-miss affair. The researcher reported a 100% success rate on some machines, while struggling to work on others, highlighting the unpredictable nature of this vulnerability.
UMVA can exclusively reveal that Microsoft is working on developing a security patch for RoguePlanet, which is expected to be released to the public soon. A spokesperson for the company acknowledged the vulnerability, stating that they are committed to providing a high-quality security update to address this issue.
This is not the first time the same security researcher has exposed critical vulnerabilities in Windows and its related software. Recently, they published information about a range of security flaws, including BlueHammer, RedSun, MiniPlasma, and YellowKey, emphasizing the need for users to remain vigilant about potential threats.