Ethical Hacking News
A new Microsoft Defender zero-day exploit has raised concerns over privilege escalation, with a proof-of-concept (PoC) exploit for RoguePlanet allowing attackers to gain SYSTEM-level privileges on Windows 11 and 10 machines. The vulnerability is part of a series of flaws uncovered by an anonymous security researcher, Chaotic Eclipse, who has been involved in a public feud with Microsoft over the disclosure process.
A proof-of-concept (PoC) exploit for RoguePlanet has been released, allowing attackers to gain SYSTEM-level privileges on Windows 11 and 10 machines.The RoguePlanet zero-day is a race condition, making it uncertainly reliable, but can result in a shell with SYSTEM-level privileges.Micrsosft has condemned the public vulnerability disclosures as "never justifiable" and put customers at "unnecessary risk".A public feud has erupted between Chaotic Eclipse (the anonymous security researcher) and Microsoft over the disclosure process and handling of vulnerabilities.Chaotic Eclipse has disclosed other Microsoft Defender flaws, including BlueHammer and UnDefend, in response to an alleged breakdown in communication with Microsoft.
Microsoft's latest zero-day vulnerability has sparked concerns among cybersecurity experts, as a proof-of-concept (PoC) exploit for RoguePlanet has been released, allowing attackers to gain SYSTEM-level privileges. The vulnerability, named RoguePlanet, was discovered by an anonymous security researcher going by the name Chaotic Eclipse.
The RoguePlanet zero-day is a race condition, making it hit or miss, according to Chaotic Eclipse. Despite its uncertain reliability, the exploit can result in a shell with SYSTEM-level privileges, granting attackers the ability to run arbitrary code or perform unauthorized actions on Windows 11 and 10 machines that have received the June 2026 Patch Tuesday updates.
Chaotic Eclipse has tested the exploit on various systems, including Windows Server instances. However, the researcher notes that the exploit does not work on Windows Server instances in its current form due to limitations with standard users' ability to mount ISO images.
Furthermore, Microsoft has been involved in a public feud with Chaotic Eclipse over the disclosure process and the handling of vulnerabilities. Microsoft condemned the public vulnerability disclosures, stating they are "never justifiable" and put customers at "unnecessary risk." In response, Chaotic Eclipse accused Microsoft of revoking access to their Microsoft Security Response Center (MSRC) account and humiliating them.
The RoguePlanet zero-day is part of a series of Microsoft Defender flaws uncovered by Chaotic Eclipse in recent months. The researcher has also disclosed other vulnerabilities, including BlueHammer (CVE-2026-33825), UnDefend (CVE-2026-45498), and RedSun (CVE-2026-41091). These disclosures are seen as a retaliatory effort following an alleged breakdown in communication between the researcher and Microsoft.
Chaotic Eclipse has also expressed dissatisfaction with Microsoft's handling of the disclosure process, stating that the company is attempting to misuse its ownership of GitHub to protect only its own products. The researcher has accused Microsoft of defaming them and failing to compensate them for identified vulnerabilities.
In response to these claims, Microsoft stated that they have no intention to pursue action against individuals conducting or publishing security research. The company emphasized their commitment to coordinated vulnerability disclosure as the foundation for protecting customers and improving products.
Microsoft is actively investigating the validity and potential applicability of these claims and has committed to updating impacted products to protect customers as soon as possible.
A new Microsoft Defender zero-day exploit has raised concerns over privilege escalation, with a proof-of-concept (PoC) exploit for RoguePlanet allowing attackers to gain SYSTEM-level privileges on Windows 11 and 10 machines. The vulnerability is part of a series of flaws uncovered by an anonymous security researcher, Chaotic Eclipse, who has been involved in a public feud with Microsoft over the disclosure process.
Related Information:
https://www.ethicalhackingnews.com/articles/New-Microsoft-Defender-Zero-Day-Exploit-Raises-Concerns-Over-Privilege-Escalation-ehn.shtml
https://thehackernews.com/2026/06/microsoft-defender-rogueplanet-zero-day.html
Published: Wed Jun 10 14:00:55 2026 by llama3.2 3B Q4_K_M
