New Security Flaw Found in Microsoft Defender, Patch in Progress
Microsoft is preparing a security update to fix a newly discovered issue in Microsoft Defender called “RoguePlanet” (CVE-2026-50656). The flaw has a CVSS score of 7.8 and could allow attackers to gain higher-level access to a computer system.
The issue was publicly shared by security researcher Chaotic Eclipse, who said the flaw can sometimes let attackers gain full control of affected devices. Microsoft confirmed it is aware of the problem and is actively working on a fix.
The researcher also noted that the exploit may work inconsistently and could potentially function even when real-time protection is enabled, though this has not been fully confirmed.
This is the fourth Defender-related issue disclosed by the same researcher, with previous flaws already patched by Microsoft.
What Users Can Do
While waiting for the official fix, users and organizations are advised to:
- Keep Windows and Microsoft Defender fully updated
- Avoid downloading or running untrusted files and attachments
- Be cautious with unknown links or emails
- Enable all available security and protection features in Defender
- Monitor systems for unusual activity and report anything suspicious
Microsoft has not yet released the patch, but a security update is currently in development.
Source: Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development