Microsoft has quietly fixed the “RoguePlanet” zero-day in Microsoft Defender, closing the latest hole exposed by security researcher Nightmare Eclipse after months of public sparring over the company’s handling of vulnerability reports.
The vulnerability, tracked as CVE-2026-50656, was addressed through an update to the Microsoft Malware Protection Engine rather than via its monthly Patch Tuesday bundle. Microsoft said customers should ensure they’re running the latest engine version to receive the fix.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Sierra Wireless Patches Critical Vulns in Range of Wireless Routers
May 8, 2018
Sierra Wireless has patched two critical vulnerabilities for its range of wireless gateways that would leave the enterprise devices helpless to an array of remote threats, including the charms of the Reaper IoT botnet. The more critical of the two (with a 9.4 CVSSv3 Temp Score) is a privilege-escalation bug (CVE-2018-10251), which could allow a remote attacker ...
- First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection
May 7, 2018
Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS, including Windows 10. Read more… Source: The ...
- Report: Intel Facing New Spectre-Like Security Flaws
May 4, 2018
Intel may be facing as many as eight new Spectre-level vulnerabilities in its chips, a new report alleges. The report comes months after the Spectre and Meltdown flaws first rocked the silicon industry in early 2018. German magazine c’t reported on Thursday that the new security flaws in Intel CPUs have been reported to the manufacturer by many ...
- GLitch: New ‘Rowhammer’ Attack Can Remotely Hijack Android Phones
May 3, 2018
For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely. Dubbed GLitch, the proof-of-concept technique is a new addition to the Rowhammer attack series which leverages embedded graphics processing units (GPUs) to carry out a Rowhammer attack against Android smartphones. Rowhammer is a problem ...
- Millions of Home Fiber Routers Vulnerable to Complete Takeover
May 1, 2018
Consumers lucky enough to have blazing-fast 1Gbps internet access in their homes are likely to use the internet more than lower-broadband households; however, millions of them are at risk for hackers to gain wide-ranging access to their internet activities (including being able to view full browsing histories). A comprehensive assessment of various GPON home routers by vpnMentor has ...
- Volkswagen Cars Open To Remote Hacking, Researchers Warn
May 1, 2018
Over the last few years, automakers like Ford, Jeep, Nissan and Toyota have all suffered car-hacking vulnerabilities in their vehicles. Now, it looks like Volkswagen has been pulled into the mix after researchers discovered that in-vehicle infotainment (IVI) systems in certain Volkswagen-manufactured cars could be remotely hacked. Not only that, but it’s possible to pivot to more critical ...

