RoguePlanet Zero-Day Grants SYSTEM Access via Defender Race Condition
A publicly released exploit targets CVE-2026-50656 in Microsoft Defender's quarantine pipeline. Microsoft confirms the flaw but has no patch timeline yet.
12 articles tagged with "Windows"
A publicly released exploit targets CVE-2026-50656 in Microsoft Defender's quarantine pipeline. Microsoft confirms the flaw but has no patch timeline yet.
Critical Windows Netlogon vulnerability CVE-2026-41089 enables zero-click RCE on domain controllers. Active exploitation confirmed—patch immediately.
A disgruntled researcher released two unpatched Windows zero-days: YellowKey bypasses BitLocker encryption via USB, while GreenPlasma grants SYSTEM privileges. No patches available yet.
Microsoft's May 2026 Patch Tuesday addresses 120 vulnerabilities including 17 critical RCE flaws. No zero-days, but Word preview pane attacks and Netlogon bugs demand immediate attention.
A new proof-of-concept tool abuses Windows CreateFileW API to block file access across SMB shares. The technique evades all tested EDR products and requires no elevated privileges.
A faulty signature update caused Windows Defender to detect trusted DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha. Microsoft has released a fix, but some users already reinstalled Windows.
Russian state hackers weaponize CVE-2026-32202, an incomplete patch for Windows Shell that enables zero-click NTLM hash theft. Microsoft confirms active exploitation after Akamai discovers the bypass.
Kaspersky discloses PhantomRPC, an architectural Windows RPC vulnerability enabling SYSTEM-level privilege escalation across all Windows versions. Microsoft declined to patch despite five exploitation paths.
New Kyber ransomware operation uses NIST-standardized Kyber1024 encryption on Windows while targeting VMware ESXi with a separate variant. Rapid7 analysis reveals the ESXi version's claims are false.
Frustrated researcher 'Chaotic Eclipse' releases RedSun, another Windows Defender privilege escalation exploit granting SYSTEM access. Microsoft has not yet patched this second zero-day.
Security researcher releases working proof-of-concept for BlueHammer, an unpatched Windows Defender privilege escalation flaw enabling SYSTEM access via TOCTOU and path confusion vulnerabilities.
Microsoft's February 2026 Patch Tuesday fixes 59 flaws including six actively exploited zero-days. CrowdStrike confirmed CVE-2026-21533 was used in attacks targeting US and Canada since December.