Breaking 14:06 Senegal federation clarifies World Cup airport security video 13:20 MetLife Stadium completes preparations for Morocco, Brazil World Cup opener 13:07 Morocco faces demanding World Cup group with Brazil opener 11:29 Gold falls below 4,200 dollars as Iran conflict pressures demand 11:17 New Windows Defender zero-day enables system privileges escalation 11:15 Global AI Debt issuance set to surpass $500 billion in 2026, Morgan Stanley projects 10:52 El Niño and Hormuz crisis threaten global food security 10:47 United Kingdom rejects US warning over under-16 social media ban 10:43 Morgan Stanley forecasts $570 billion AI debt surge in 2026 10:22 United States calls Russian invasion strategic failure at UN 10:19 EU rejects Apple request to exempt Siri AI under DMA 10:15 Petition against Trump’s “Manga-Style Posts” gains 20,000 signatures in Japan 10:14 Houthis strike two ships after Red Sea navigation ban 10:03 United States warns Europe over Ebola travel rules escalation 09:58 Iranian guards claim drone strike on US naval base Bahrain 09:52 Morocco hosts African counterterrorism summit amid rising threats 09:49 Nintendo shares fall after disappointing switch 2 showcase 09:45 Albania suspends Kushner resort after EU environmental warning 09:41 Goldman Sachs raises AI server market forecast to $1.24 trillion 09:26 Gold and silver slide to 2026 lows after US strikes Iran 09:20 Pakistan contradicts Trump claim on imminent Iran deal talks 09:15 Oil drops to seven-week low after Iran Israel ceasefire 09:11 Anthropic launches Claude Fable 5 public mythos AI model 09:07 Arthur Hayes predicts AI bubble burst before bitcoin recovery 09:04 OpenAI ipo filing accelerates capital shift from bitcoin markets 09:00 Honda America recalls over 880,000 vehicles due to rear suspension defect risk 08:59 Strong US jobs data rattles global stock markets 08:52 Germany approves first cannabis-based chronic pain medication Exilby 08:43 Marco Rubio pushes Trump to approve Israeli strikes on Iran 08:36 U.S. Embassy in Rabat marks 250th independence anniversary and highlights long-standing U.S.–Morocco partnership 07:50 NASA names Artemis III crew for critical lunar mission test 07:00 El Niño poised to push global temperatures to new highs 16:18 Musk unveils orbital ai data centers ahead spacex ipo 16:13 Iran accuses United States of blocking World Cup fans 15:55 EU orders Meta to restore WhatsApp AI competitor access 15:50 Kremlin rules out Trump-Putin call as Ukraine talks stall 15:48 Conan O’Brien completes Morocco shoot for travel series season three

New Windows Defender zero-day enables system privileges escalation

11:17
By: Dakir Madiha
New Windows Defender zero-day enables system privileges escalation

A new security flaw has emerged in Microsoft Defender shortly after the release of a major Patch Tuesday update cycle. The vulnerability allows attackers to gain SYSTEM-level privileges on fully updated Windows 10 and Windows 11 machines. The issue stems from a race condition inside Microsoft Defender, exposing systems even after recent security patches were applied.

The exploit, named RoguePlanet, was released as a proof-of-concept by a security researcher known as Nightmare Eclipse. The code demonstrates how local privilege escalation can be achieved on systems that have installed the June 2026 cumulative update KB5094126. Independent security analysis confirmed that the exploit functions as described and can be reproduced under real-world conditions.

ThreatLocker, a cybersecurity company, validated the findings after testing the exploit on updated Windows 11 systems. Its engineers confirmed that the attack can successfully elevate privileges under specific conditions, although execution depends on timing due to the race condition. The company noted that application allowlisting can block the exploit by restricting unauthorized execution paths on affected systems.

The researcher behind RoguePlanet stated that the exploit originally targeted remote code execution through Microsoft Defender handling of SMB share files, but later changes to Microsoft’s API forced a shift toward local privilege escalation. The researcher also described variable success rates across machines, indicating inconsistent exploitation depending on system behavior.

This disclosure is part of a broader campaign that has seen multiple zero-day releases targeting Windows components in recent months. Microsoft’s latest Patch Tuesday addressed more than 200 vulnerabilities, including several previously disclosed flaws. Among them was a privilege escalation issue in Defender that was already known to be actively exploited in the wild, highlighting continued pressure on the company’s security response cycle.

Microsoft initially reacted strongly to the wave of disclosures, suggesting possible legal action against individuals causing harm. The company later reversed its position and returned to a coordinated vulnerability disclosure framework. Despite this shift, the researcher continued publishing additional exploits through independent infrastructure.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation Technology Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation
Critical WordPress Plugin Vulnerability Raises Security Concerns in Morocco Technology Critical WordPress Plugin Vulnerability Raises Security Concerns in Morocco

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.