Breaking 20:29 Trump claims senior Iranian leaders killed as tensions over Strait of Hormuz intensify 19:15 Trump announces renewed maritime blockade against Iran amid Strait of Hormuz tensions 19:00 NASA seeks four volunteers for year-long Mars mission simulation 17:30 States challenge Paramount’s $110 billion Warner Bros. Discovery takeover in major antitrust lawsuit 17:15 Bosch launches sample production at first U.S. semiconductor plant to strengthen domestic chip supply 14:30 Williams secures $5.3 billion investment from Blackstone-led consortium for power projects 13:45 Iraqi Prime Minister Ali al-Zaidi seeks major US energy investment during Washington visit 12:31 Jay-Z concert delayed in New York after ticketless fans disrupt Yankee Stadium event 12:00 Wall Street banks accelerate AI assistant adoption in race for productivity gains 11:47 US Military Reveals First Combat Use of New Unmanned Weapons in Strikes on Iran 11:30 US Ebola patient infected in Congo transferred to specialized hospital in Germany 10:56 Morrisons explores £600 million property deal with US investor Realty Income, Sky News reports 10:41 US dollar gains as Middle East tensions fuel inflation concerns 09:00 UN chief urges US and Iran to end renewed hostilities and resume diplomacy 08:35 U.S. military says Strait of Hormuz remains open despite rising tensions with Iran 08:30 France’s World Cup journey links Boston and Dallas, two cities tied to John F. Kennedy’s legacy 08:18 Support grows in U.S. Congress for bill seeking terrorist designation of Polisario Front 07:31 Stellantis reports 10% rise in second-quarter vehicle shipments driven by North American demand

New Windows Defender zero-day enables system privileges escalation

Wednesday 10 June 2026 - 11:17
By: Dakir Madiha
New Windows Defender zero-day enables system privileges escalation

A new security flaw has emerged in Microsoft Defender shortly after the release of a major Patch Tuesday update cycle. The vulnerability allows attackers to gain SYSTEM-level privileges on fully updated Windows 10 and Windows 11 machines. The issue stems from a race condition inside Microsoft Defender, exposing systems even after recent security patches were applied.

The exploit, named RoguePlanet, was released as a proof-of-concept by a security researcher known as Nightmare Eclipse. The code demonstrates how local privilege escalation can be achieved on systems that have installed the June 2026 cumulative update KB5094126. Independent security analysis confirmed that the exploit functions as described and can be reproduced under real-world conditions.

ThreatLocker, a cybersecurity company, validated the findings after testing the exploit on updated Windows 11 systems. Its engineers confirmed that the attack can successfully elevate privileges under specific conditions, although execution depends on timing due to the race condition. The company noted that application allowlisting can block the exploit by restricting unauthorized execution paths on affected systems.

The researcher behind RoguePlanet stated that the exploit originally targeted remote code execution through Microsoft Defender handling of SMB share files, but later changes to Microsoft’s API forced a shift toward local privilege escalation. The researcher also described variable success rates across machines, indicating inconsistent exploitation depending on system behavior.

This disclosure is part of a broader campaign that has seen multiple zero-day releases targeting Windows components in recent months. Microsoft’s latest Patch Tuesday addressed more than 200 vulnerabilities, including several previously disclosed flaws. Among them was a privilege escalation issue in Defender that was already known to be actively exploited in the wild, highlighting continued pressure on the company’s security response cycle.

Microsoft initially reacted strongly to the wave of disclosures, suggesting possible legal action against individuals causing harm. The company later reversed its position and returned to a coordinated vulnerability disclosure framework. Despite this shift, the researcher continued publishing additional exploits through independent infrastructure.


  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Read more

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.