Breaking 14:30 Rubio warns that proposed Strait of Hormuz transit fees could trigger global maritime disruption 13:01 Federal Reserve overhauls banking supervision structure to boost efficiency and transparency 12:21 Trump Pledges Immediate Aid to Venezuela After Devastating Earthquakes 12:00 Trump requests $87.6 billion from Congress to cover Iran conflict costs and military replenishment 11:30 Rubio strengthens Gulf diplomacy amid rising tensions over Iran and the Strait of Hormuz 10:45 Anthropic unveils Claude Tag, an AI teammate designed for Slack collaboration 10:27 OpenAI unveils Jalapeño, Its first AI chip to accelerate inference 10:18 Artificial intelligence challenges Google’s search dominance despite its continued leadership 07:46 Trump urges defense companies to accelerate weapons production and strengthen military stockpiles 07:33 World Cup 2026 breaks viewing and attendance records as global enthusiasm reaches new heights 07:15 Elon Musk Says Humanoid Robots Could Reduce the Importance of Money in the Future 20:29 Wikipedia Rejects Full AI-Driven Editing to Preserve Human Oversight in Knowledge Production 19:19 How Qualification to the Round of 32 Works at the 2026 FIFA World Cup 19:00 US Dollar Hits 13-Month High as Investors Seek Safe-Haven Assets 18:18 “Lumumba” Makes First Appearance at the 2026 World Cup After Captivating Morocco in 2025 17:30 Microsoft urges a balanced approach to artificial intelligence and the future of work 15:53 Selling pressure on spacex shares cuts deeply into elon musk’s fortune 15:30 Cristiano Ronaldo Makes History as First Player to Score in Six Different World Cups

New Windows Defender zero-day enables system privileges escalation

Wednesday 10 - 11:17
By: Dakir Madiha
New Windows Defender zero-day enables system privileges escalation

A new security flaw has emerged in Microsoft Defender shortly after the release of a major Patch Tuesday update cycle. The vulnerability allows attackers to gain SYSTEM-level privileges on fully updated Windows 10 and Windows 11 machines. The issue stems from a race condition inside Microsoft Defender, exposing systems even after recent security patches were applied.

The exploit, named RoguePlanet, was released as a proof-of-concept by a security researcher known as Nightmare Eclipse. The code demonstrates how local privilege escalation can be achieved on systems that have installed the June 2026 cumulative update KB5094126. Independent security analysis confirmed that the exploit functions as described and can be reproduced under real-world conditions.

ThreatLocker, a cybersecurity company, validated the findings after testing the exploit on updated Windows 11 systems. Its engineers confirmed that the attack can successfully elevate privileges under specific conditions, although execution depends on timing due to the race condition. The company noted that application allowlisting can block the exploit by restricting unauthorized execution paths on affected systems.

The researcher behind RoguePlanet stated that the exploit originally targeted remote code execution through Microsoft Defender handling of SMB share files, but later changes to Microsoft’s API forced a shift toward local privilege escalation. The researcher also described variable success rates across machines, indicating inconsistent exploitation depending on system behavior.

This disclosure is part of a broader campaign that has seen multiple zero-day releases targeting Windows components in recent months. Microsoft’s latest Patch Tuesday addressed more than 200 vulnerabilities, including several previously disclosed flaws. Among them was a privilege escalation issue in Defender that was already known to be actively exploited in the wild, highlighting continued pressure on the company’s security response cycle.

Microsoft initially reacted strongly to the wave of disclosures, suggesting possible legal action against individuals causing harm. The company later reversed its position and returned to a coordinated vulnerability disclosure framework. Despite this shift, the researcher continued publishing additional exploits through independent infrastructure.

Keywords:



Latest News États-Unis (United States)
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation Technology Microsoft rushes to contain critical React2Shell vulnerability amid global exploitation
Critical WordPress Plugin Vulnerability Raises Security Concerns in Morocco Technology Critical WordPress Plugin Vulnerability Raises Security Concerns in Morocco

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.