ATLAS · LIVE
ATLAS INDEX
Δ 24H
ACTIVE SOURCES20
HOTSPOTS20
TIME21:38:52 UTC
← All briefs
CRITICALCyber IntelligenceWednesday, June 10, 2026

Microsoft Defender Zero-Day Grants Attackers SYSTEM-Level Access

Public exploit code for RoguePlanet vulnerability enables privilege escalation on fully patched Windows systems via race condition in Defender.

A security researcher operating under the alias Chaotic Eclipse has published proof-of-concept exploit code for a previously unknown vulnerability in Microsoft Defender. The zero-day, designated RoguePlanet, enables attackers to escalate privileges to SYSTEM level on updated Windows installations.

The exploit leverages a race condition within Defender's execution flow. While race conditions are typically unreliable, the researcher claims to have achieved a 100% success rate through repeated testing. The code was released via a new GitHub account under the handle MSNightmare.

Microsoft has not yet issued a patch or public advisory for the vulnerability. The release follows a pattern of Windows security disclosures by the same researcher, who has previously published exploits for other Defender and Windows kernel flaws. Public availability of working exploit code significantly compresses the window for defensive action.

The rest of this brief is inside the platform

Continue reading. Free.

A free Atlas account unlocks the full briefing, the co-analyst, daily delivery to your inbox, and a sector-personalised feed.

Full brief
Implications, sources, methodology
Co-Analyst
Ask follow-ups on every brief
Sector feed
Briefs filtered to what matters to you
Implications
  • 01Enterprise IT teams must monitor for abnormal SYSTEM-level process creation until patch available.
  • 02Attackers with initial access can now trivially escalate to full machine control.
  • 03Organizations may need to layer additional endpoint controls beyond Defender temporarily.
  • 04Incident response teams should audit recent privilege escalations for potential exploitation.
Source
The Hacker News
https://thehackernews.com/2026/06/microsoft-defender-rogueplanet-zero-day.html
Brief is editorial commentary by Atlas Intelligence based on the cited public reporting. Atlas does not reproduce source text. Verify primary source before action.
#microsoft defender#zero-day#privilege escalation#windows#race condition#rogueplanet
Related Briefs