Jump to content
  • A critical exploit bypasses Microsoft Defender in Windows 11 and Windows 10 — so much for "everyday risk protection without additional software"


    Karlston

    • 1 comment
    • 165 views
    • 3 minutes
     Share


    • 1 comment
    • 165 views
    • 3 minutes

    RoguePlanet flaw in Windows Defender gives hackers full control of Windows 10 and Windows 11 devices.

    Last month, security researcher Chaotic Eclipse (better known as Nightmare-Eclipse) managed to bypass Windows 11's sophisticated BitLocker security feature using a USB stick. Nightmare claimed that :

     

    "Could have made some insane cash selling this, but no amount of money will stand between me and my determination against Microsoft." The company has since patched three zero-day exploits published by the security researcher, including YellowKey, GreenPlasma, and MiniPlasma.

     

    More recently, Nightmare-Eclipse disclosed a new zero-day vulnerability dubbed RoguePlanet, which affects Microsoft Defender on both Windows 11 and Windows 10. The exploit could allow attackers to gain full control of affected systems (via ).

     

    Microsoft acknowledged the vulnerability and indicated that it's tracking the RoguePlanet zero-day exploit under CVE-2026-50656. According to the company:

     

    "Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available."

     

    The security sleuth shared a proof-of-concept exploit in a self-hosted Git repository, further claiming that Microsoft had scrapped its repository hosting exploits on GitHub and GitLab.

    The exploit is a race condition, so it's a hit or miss. I have managed to get a 100% success rate on some machines while it struggled to work on others. The PoC for RoguePlanet works regardless if real time protection is on or not.

     

    Nightmare-Eclipse

    Perhaps more interestingly, this news comes after Microsoft previously fronted Windows 11’s Defender as enough for most PC owners. "Microsoft Defender Antivirus covers everyday risks without requiring additional software,” the company added.

     

    The statement seemed highly debatable in the community, though many still agreed with Microsoft's sentiments, including some of Windows Central's readers:

     

    "It's not a secret, Windows Defender has been the best or near the best antivirus for years by now. Times when third-party antivirus actually served a purpose are long gone. You're just slowing down your system and paying for no reason."

     

    In a subsequent blog post, Microsoft admitted that while Windows 11's Defender is usually enough for most users, third‑party tools add extra layers of protection, including identity monitoring or built-in VPNs.

     

    Elsewhere, Nightmare-Eclipse and Microsoft had been locked in a months-long battle, with Microsoft even threatening legal action. But after backlash from the wider cybersecurity community, who conduct or publish their findings.

     

    Source


    Hope you enjoyed this news post. Feedback welcome.

    Posted Wednesday 1 July 2026 at 8:11 am AEST (my time).

    News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of June) 2,475

    RIP Matrix


    User Feedback

    Recommended Comments

    Quote

    "Microsoft Defender Antivirus covers everyday risks without requiring additional software,”

     

    Incredible! Such a statement coming from a company that keeps beating on it's dead horse (Win11) whose carcass has been stinking to high heaven!!

    Defender wasn't shipped with XP fortunately but included since vista.

    My first ever PC came with Mcafee, which I removed promptly and replaced with Nod AV and ZoneAlarm.

    Which in turn have been replaced with Eset security suites.

    I never used M$ security offerings and never will. In fact, the only thing I'm using from M$ is the OS.

    Third party apps are much more useful. Which isn't surprising when you consider they were made by people who saw the need.

     

     

    Quote

    Nightmare-Eclipse

     

    2wNIvFs.jpg

    • Like 2
    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...