CVE Tools
Back to feed
The Hacker News ·EN News source Patch releasedMicrosoft Malware Protection Engine

Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges

By The Hacker News··2 min read
CVE Tools coverage

Microsoft has issued a security update for a critical privilege escalation flaw in the Microsoft Malware Protection Engine, known as RoguePlanet (CVE-2026-50656). The vulnerability allows attackers to gain SYSTEM-level privileges through a race condition in 'mpengine.dll'. It affects the core component responsible for malware scanning and detection. The fix is included in version 1.1.26060.3008 of the engine. While no active exploitation has been reported, the flaw could enable arbitrary code execution or unauthorized system access.