Microsoft Working To Patch 'RoguePlanet' Zero-Day
来源:Slashdot · 作者:BeauHD · · 分类:Technologywiredmikey shares a report from SecurityWeek: Microsoft on Wednesday published an advisory acknowledging the public disclosure of a vulnerability in Defender that could lead to privilege escalation. The security defect, tracked as CVE-2026-50656 (CVSS score of 7.8), was dropped last week by security researcher Nightmare Eclipse (also known as Chaotic Eclipse). "We are working to provide a high-quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available," Microsoft adds. RoguePlanet, Nightmare Eclipse explained last week, targets a race condition in Microsoft Defender and allows attackers to gain System privileges. The researcher released a proof-of-concept (PoC) exploit that demonstrates local privilege escalation (LPE) on Windows 11 and Windows 10 systems with the June 2026 patches installed. [...] On Wednesday, Nightmare Eclipse pointed out that the PoC works regardless of whether Defender's real-time protection is enabled or disabled. It may even work in passive mode, the researcher said.
Read more of this story at Slashdot.
原文链接:https://it.slashdot.org/story/26/06/17/2030228/microsoft-working-to-patch-rogueplanet-zero-day?utm_source=rss1.0mainlinkanon&utm_medium=feedArticle URL:https://63496.xhstool.cn/html/29f4499926.html
Copyright Notice
This article represents the author's views only and does not reflect this site's position.
It is published with authorization; no reproduction without permission.