New Windows Defender zero-day enables system privileges escalation

Yesterday 11:17
By: Dakir Madiha

A new security flaw has emerged in Microsoft Defender shortly after the release of a major Patch Tuesday update cycle. The vulnerability allows attackers to gain SYSTEM-level privileges on fully updated Windows 10 and Windows 11 machines. The issue stems from a race condition inside Microsoft Defender, exposing systems even after recent security patches were applied.

The exploit, named RoguePlanet, was released as a proof-of-concept by a security researcher known as Nightmare Eclipse. The code demonstrates how local privilege escalation can be achieved on systems that have installed the June 2026 cumulative update KB5094126. Independent security analysis confirmed that the exploit functions as described and can be reproduced under real-world conditions.

ThreatLocker, a cybersecurity company, validated the findings after testing the exploit on updated Windows 11 systems. Its engineers confirmed that the attack can successfully elevate privileges under specific conditions, although execution depends on timing due to the race condition. The company noted that application allowlisting can block the exploit by restricting unauthorized execution paths on affected systems.

The researcher behind RoguePlanet stated that the exploit originally targeted remote code execution through Microsoft Defender's handling of files on SMB shares, but later changes to Microsoft's API forced a shift toward local privilege escalation. The researcher also described variable success rates across machines, indicating inconsistent exploitation depending on system behavior.

This disclosure is part of a broader campaign that has seen multiple zero-day releases targeting Windows components in recent months. Microsoft’s latest Patch Tuesday addressed more than 200 vulnerabilities, including several previously disclosed flaws. Among them was a privilege escalation issue in Defender that was already known to be actively exploited in the wild, highlighting continued pressure on the company’s security response cycle.

Microsoft initially reacted strongly to the wave of disclosures, suggesting possible legal action against individuals causing harm. The company later reversed its position and returned to a coordinated vulnerability disclosure framework. Despite this shift, the researcher continued publishing additional exploits through independent infrastructure.

