RoguePlanet: When Microsoft Defender Needs Defending
A researcher known as Chaotic Eclipse released proof-of-concept exploit code for a Microsoft Defender zero-day named RoguePlanet. The flaw is described as a race condition that can grant SYSTEM-level privileges when successfully exploited. It was reportedly tested on fully updated Windows 10 and Windows 11 systems with the June 2026 patches installed. Windows Server was said to be vulnerable, though the current exploit did not work there without redesign. Microsoft said it was investigating the claims and reiterated support for coordinated vulnerability disclosure.
Microsoft Defender is supposed to stop attackers getting SYSTEM privileges. RoguePlanet, rather inconveniently, appears to do the opposite.
A proof-of-concept exploit has been released for a Microsoft Defender zero-day known as RoguePlanet. The issue is described as a race condition, which means exploitation can be unreliable, but when it works, it can result in a command shell running with SYSTEM-level privileges.
That is the sort of privilege level attackers dream about and defenders have nightmares about.
The researcher behind the release, known as Chaotic Eclipse, claimed the exploit works on fully updated Windows 10 and Windows 11 systems with June 2026 patches installed. Windows Server systems were also described as vulnerable, although the published exploit reportedly does not work against servers in its current form.
This vulnerability disclosure is part of a wider public dispute between the researcher and Microsoft over vulnerability handling. Microsoft has said it is investigating the reported issue and supports coordinated disclosure as the safest route for protecting customers.
For organisations, the immediate lesson is not to panic, but not to shrug either. Monitor Defender health events, restrict local admin rights, keep endpoint telemetry enabled, and watch for suspicious privilege escalation activity. Also, remember that security products are software too. They need monitoring, patching and hardening just like everything else.
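The checks listed above can be run as a read-only triage on a single endpoint. The script below is an added example, not code from the researcher or Microsoft, and it is not a RoguePlanet-specific detection, since no indicators have been published here. The seven-day look-back window and the list of shell binaries are assumptions.

```powershell
# Added example: read-only endpoint triage. Run in an elevated PowerShell session.
$since = (Get-Date).AddDays(-7)   # assumed look-back window

# 1. Defender health: current state and versions of the protection components.
$status = Get-MpComputerStatus
$health = [pscustomobject]@{
    ServiceEnabled     = $status.AMServiceEnabled
    RealTimeProtection = $status.RealTimeProtectionEnabled
    BehaviorMonitor    = $status.BehaviorMonitorEnabled
    TamperProtected    = $status.IsTamperProtected
    PlatformVersion    = $status.AMProductVersion
    EngineVersion      = $status.AMEngineVersion
    SignatureAgeDays   = $status.AntivirusSignatureAge
}

# 2. Defender health events: 3002/5008 = component or engine failure,
#    5001/5010/5012 = protection disabled, 5007 = configuration changed.
$healthEvents = Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 3002, 5001, 5007, 5008, 5010, 5012
    StartTime = $since
} -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, LevelDisplayName, Message

# 3. Local admin rights: BUILTIN\Administrators members, looked up by SID.
$admins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Select-Object Name, ObjectClass, PrincipalSource

# 4. Shells created at System integrity (requires "Audit Process Creation").
$shells = 'cmd.exe', 'powershell.exe', 'pwsh.exe'   # assumed list
$systemShells = Get-WinEvent -FilterHashtable @{
    LogName = 'Security'; Id = 4688; StartTime = $since
} -ErrorAction SilentlyContinue | ForEach-Object {
    $evt = $_; $d = @{}
    ([xml]$evt.ToXml()).Event.EventData.Data | ForEach-Object { $d[$_.Name] = $_.'#text' }
    if ($d.MandatoryLabel -eq 'S-1-16-16384' -and
        (Split-Path $d.NewProcessName -Leaf) -in $shells) {
        [pscustomobject]@{
            Time = $evt.TimeCreated; Process = $d.NewProcessName
            Parent = $d.ParentProcessName; Creator = $d.SubjectUserName
        }
    }
}

$health | Format-List
$healthEvents | Format-Table -AutoSize -Wrap
$admins | Format-Table -AutoSize
$systemShells | Sort-Object Time | Format-Table -AutoSize
```

Scheduled tasks and management agents also start shells as SYSTEM, so compare the last table against a known-good baseline and look at the parent process before treating a row as suspicious.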