**Microsoft** has formally acknowledged a critical zero-day vulnerability in **Microsoft Defender**, codenamed **RoguePlanet**. The flaw, now assigned **CVE-2026-50656** with a CVSS score of 7.8, is described as a privilege escalation vulnerability. "Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender, publicly referred to as 'RoguePlanet,'" the company stated. "We are working to provide a high-quality security update that addresses this vulnerability." ### The RoguePlanet Revelation The disclosure comes just a week after security researcher **Chaotic Eclipse** (aka **Nightmare-Eclipse**) publicly released details and proof-of-concept for **RoguePlanet**. The exploit leverages a race condition to grant attackers SYSTEM-level privileges. **Chaotic Eclipse** noted the exploit's variability: "The exploit is a race condition, so it's a hit or miss. I have managed to get a 100% success rate on some machines while it struggled to work on others." In a recent update, the researcher highlighted a concerning aspect: "I forgot to add one thing, surprisingly, the PoC for RoguePlanet works regardless if real-time protection is on or not, which is hilarious. I think it even works in the case of passive mode, but not really sure, haven't tested that." ### A History of Defender Vulnerabilities This is not the first time **Chaotic Eclipse** has brought a **Microsoft Defender** vulnerability to light. **RoguePlanet** follows three other significant disclosures: **BlueHammer** (**CVE-2026-33825**), **UnDefend** (**CVE-2026-45498**), and **RedSun** (**CVE-2026-41091**). All previous vulnerabilities were promptly patched by **Microsoft**. Security professionals are advised to monitor **Microsoft's** official channels for the upcoming patch to mitigate the risks associated with **RoguePlanet**.