A Windows Defender 0-day patch can allow attackers to overwrite a hard disk



A Microsoft patch released Wednesday to fix a zero-day vulnerability in its Defender security engine could cause Windows machines to write files large enough to consume available disk space, the researcher who discovered the flaw said.

RoguePlanet, tracked as CVE-2026-50656, was made public in June while NightmareEclipse, the pseudonym used by the researcher, reveals along with code about using it. The vulnerability allows remote attackers to take control of Windows 10 and Windows 11 systems, even if real-time security is turned off. A few months ago, an anonymous researcher published a a few about other zero days that have sent Microsoft to delete to create patches.

Writing unlimited format files

Microsoft he said Wednesday that it wrote RoguePlanet is an update to the Microsoft Malware Protection Engine, which is used by the Defender antivirus program. The configuration will be downloaded and installed without user intervention. Wednesday’s update also includes “deep security updates to help improve security-related issues.”

Read the full article

Comments



Source link

اترك ردّاً

لن يتم نشر عنوان بريدك الإلكتروني. الحقول الإلزامية مشار إليها بـ *