Microsoft has fixed the “RoguePlanet” zero-day in Microsoft Defender


Microsoft has quietly fixed the “RoguePlanet” zero-day in Microsoft Defender, closing the latest hole exposed by security researcher Nightmare Eclipse after months of public sparring over the company’s handling of vulnerability reports.

The vulnerability, tracked as CVE-2026-50656, was addressed through an update to the Microsoft Malware Protection Engine rather than via its monthly Patch Tuesday bundle. Microsoft said customers should ensure they’re running the latest engine version to receive the fix.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Why iPhone users should update and restart their devices now

    January 13, 2026

    If you were still questioning whether iOS 26+ is for you, now is the time to make that call. Why? On December 12, 2025, Apple patched two WebKit zero‑day vulnerabilities linked to mercenary spyware and is now effectively pushing iPhone 11 and newer users toward iOS 26+, because that’s where the fixes and new memory ...

  • Threat Brief: MongoDB Vulnerability (CVE-2025-14847)

    January 13, 2026

    On Dec. 19, 2025, MongoDB publicly disclosed MongoBleed, a security vulnerability (CVE-2025-14847) that allows unauthenticated attackers to leak sensitive heap memory by exploiting a trust issue in how MongoDB Server handles zlib-compressed network messages. This flaw occurs prior to authentication, meaning an attacker only needs network access to the database’s default port to trigger it. Read more… Source: ...

  • ‘ZombieAgent’ zero click vulnerability allows for silent account takeover

    January 9, 2026

    OpenAI recently introduced a new feature for ChatGPT which, unfortunately, also puts users at risk of data exfiltration and persistent access. In December 2025, a feature called Connectors finally moved out of beta and into general availability. This feature allows ChatGPT to connect to numerous other apps, such as calendars, cloud storage, email accounts, and similar ...

  • 10 emergency directives retired as CISA declares them redundant

    January 9, 2026

    The US Cybersecurity and Infrastructure Security Agency (CISA) retired ten Emergency Directives (ED) it issued between 2019 and 2024, saying they achieved their purpose and are no longer needed. In a short announcement published on its website, CISA said the EDs have either been successfully implemented or are now encompassed through Binding Operational Directive (BOD) 22-01, ...

  • CVE-2026-21858: Maximum-severity n8n flaw lets randos run your automation server

    January 8, 2026

    A maximum-severity bug in the popular automation platform n8n has left an estimated 100,000 servers wide open to complete takeover, courtesy of a flaw so bad it doesn’t even require logging in. The vulnerability, uncovered by researchers at security outfit Cyera, carries a CVSS score of 10.0 and has been dubbed “ni8mare” for good reason. Tracked ...

  • Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit

    January 8, 2026

    Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level privileges to access sensitive information – and warned that a public, proof-of-concept exploit for the flaw exists online. ISE is Cisco’s network access control and security policy platform, and companies use it to ...