The Hacker News ·EN News source Patch releasedMicrosoft Malware Protection Engine
Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
CVE Tools coverage
Microsoft has issued a security update for a critical privilege escalation flaw in the Microsoft Malware Protection Engine, known as RoguePlanet (CVE-2026-50656). The vulnerability allows attackers to gain SYSTEM-level privileges through a race condition in 'mpengine.dll'. It affects the core component responsible for malware scanning and detection. The fix is included in version 1.1.26060.3008 of the engine. While no active exploitation has been reported, the flaw could enable arbitrary code execution or unauthorized system access.