On Wednesday, Microsoft updated the Windows Malware Protection Engine to permanently close the RoguePlanet vulnerability (CVE-2026-50656, CVSS score 7.8), known since mid-June. The initial patch from June 10 could be bypassed with a trivial change to the proof-of-concept exploit code, allowing attackers to still execute a shell with system privileges.
The flaw affects Windows 10 and 11, as well as Windows Defender and related security solutions. The Malware Protection Engine update is delivered automatically; users with custom configurations should verify the engine version. Systems running version 1.1.26060.3008 or later are considered secure.
RoguePlanet is one of several zero-day vulnerabilities disclosed by researcher “Nightmare Eclipse” over the past three months. Microsoft sharply criticized the approach, citing a lack of coordinated vulnerability disclosure (CVD), and threatened legal action. The researcher rejected the allegations.
Source: www.heise.de



