Microsoft has fixed the “RoguePlanet” zero-day in Microsoft Defender


Microsoft has quietly fixed the “RoguePlanet” zero-day in Microsoft Defender, closing the latest hole exposed by security researcher Nightmare Eclipse after months of public sparring over the company’s handling of vulnerability reports.

The vulnerability, tracked as CVE-2026-50656, was addressed through an update to the Microsoft Malware Protection Engine rather than via its monthly Patch Tuesday bundle. Microsoft said customers should ensure they’re running the latest engine version to receive the fix.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers

    February 5, 2025

    Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers. Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, ...

  • CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks

    February 4, 2025

    In September, 2024 the Zero Day Initiative (ZDI) Threat Hunting team identified the exploitation of a 7-Zip zero-day vulnerability used in a SmokeLoader malware campaign targeting Ukrainian entities. The vulnerability, CVE-2025-0411, was disclosed to 7-Zip creator Igor Pavlov, leading to the release of a patch in version 24.09 on November 30, 2024. CVE-2025-0411 allows the bypassing ...

  • Potential Backdoor Embedded in Contec Health CMS8000 Patient Monitor Firmware

    January 31, 2025

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a medical product advisory for the Contec Health CMS8000 Patient Monitor to address one critical and two high severity vulnerabilities. The Contec CMS8000 is a patient monitor used to display real-time information such as the vital signs of a patient, including temperature, heartbeat, and blood pressure. ...

  • TeamViewer Releases Security Updates for Privilege Escalation Vulnerability

    January 31, 2025

    TeamViewer has released a security advisory addressing a new vulnerability within the TeamViewer Remote Windows Clients. TeamViewer is a popular remote access and control software. CVE-2025-0065 is an ‘improper neutralization of argument delimiters in a command’ vulnerability with a CVSSv3 score of 7.8. An unprivileged attacker with local Windows access could use this flaw to elevate ...

  • Exploitation of Critical Vulnerability CVE-2025-23006 in SonicWall SMA1000 Series Appliances

    January 23, 2025

    SonicWall has released a security update for a critical vulnerability in Secure Mobile Access (SMA) 1000 Series appliances. This vulnerability impacts the Appliance Management Console (AMC) and Central Management Console (CMC). SonicWall Secure Mobile Access is described as a unified secure access gateway that provides a Secure Sockets Layer (SSL) virtual private network (VPN), context-aware device ...

  • Dangerous new botnet targets webcams, routers across the world

    January 22, 2025

    Cybersecurity researchers from the Qualys Threat Research Unit have observed a new large-scale operation exploiting vulnerabilities in IP cameras and routers to build out a botnet. In a technical analysis, Qualys said the attackers were mostly exploiting CVE-2017-17215 and CVE-2024-7029, seeking to compromise AVTECH IP cameras, and Huawei HG532 routers. The botnet is essentially Mirai, although ...