A publicly available exploit called RoguePlanet can give attackers the highest level of access on Windows systems. Microsoft has confirmed the vulnerability and says it’s working on a security update.

RoguePlanet is tracked under CVE-2026-50656, where it’s described as a Microsoft Defender Elevation of Privilege (EoP) vulnerability.

In its advisory, Microsoft says:

“Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as “RoguePlanet “. We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.”

If successfully exploited, RoguePlanet can allow an attacker to elevate privileges from a standard user account to NT AUTHORITY\SYSTEM, the highest privilege level on Windows.

This means an attacker who manages to get access to a standard user account on your computer could use the vulnerability to gain complete control of the system. They don’t need advanced hacking skills or administrator permission to do this.

The success of the published exploit does depend on a race condition, though. This means its success depends on the precise timing of two events. The researcher wrote:

“I have managed to get a 100% success rate on some machines while it struggled to work on others.”

It seems that the problem lies in a high-level part of the Microsoft Defender code, which may help to explain why Microsoft says it’s working on a “high quality security update.”

This same researcher has submitted three earlier Microsoft Defender vulnerabilities known as BlueHammer (CVE-2026-33825), UnDefend (CVE-2026-45498), and RedSun (CVE-2026-41091), as well as four other Windows zero-days, all of which have since been patched by Microsoft.

How to protect your machine

The exploit reportedly works whether you’re using active protection or not, so disabling Microsoft Defender is not a solution. But there are a few things you can do to protect your machine:

• Look out for a Microsoft security update addressing this vulnerability and install it as soon as it becomes available.
• Back up your important data on a platform or device that is not directly connected to your computer.
• Be careful about downloading executable files from unknown sources or running files that are recommended to you without you asking for them.
• Do not rely on Microsoft Defender as your only anti-malware solution. Malwarebytes detects RoguePlanet.exe (the exploit code) based on its behavior.
  

Obviously, we’ll keep you posted about this and other security issues, so stay tuned.

“One of the best cybersecurity suites on the planet.” 

According to CNET. Read their review →

The post Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control appeared first on Malwarebytes.

*** This is a Security Bloggers Network syndicated blog from Malwarebytes authored by Malwarebytes. Read the original post at: https://www.malwarebytes.com/blog/news/2026/06/microsoft-working-on-a-fix-for-rogueplanet-a-flaw-that-grants-full-pc-control