By Interestana AI Editorial — AI-drafted, human-overseen. How we report
Microsoft Patches Defender Flaw Granting SYSTEM Privileges

Microsoft released security updates this week to address a critical vulnerability in its Defender antivirus software, nearly a month after the flaw's details were publicly disclosed. The vulnerability, designated CVE-2026-50656, is classified as a privilege escalation issue with a CVSS score of 7.8. This flaw resides within the Microsoft Malware Protection Engine, specifically in the "mpengine.dll" component, which is responsible for scanning, detecting, and cleaning malware for Microsoft's antivirus products.
The vulnerability, dubbed RoguePlanet by researchers at SentinelOne, could allow an attacker to gain SYSTEM-level privileges on a vulnerable system. This level of access is the highest possible on a Windows operating system, enabling an attacker to execute arbitrary code, install programs, view, change, or delete data, and create new accounts with full administrative rights. The exploitation of this flaw would typically require an attacker to trick a user into opening a specially crafted file. Once the file is processed by the Microsoft Malware Protection Engine, the vulnerability could be triggered.
SentinelOne researchers first disclosed the details of the RoguePlanet vulnerability on January 15, 2026, approximately 28 days before Microsoft issued its patch. The company's advisory for CVE-2026-50656 indicates that the vulnerability affects multiple versions of Microsoft Defender Antivirus, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud, and Microsoft Defender for Business. The successful exploitation of this flaw would grant an attacker the ability to execute code at the kernel level, effectively giving them complete control over the affected machine.
Microsoft's security update addresses the vulnerability by correcting how the Microsoft Malware Protection Engine handles certain files. While the company has not reported any active exploitation of this vulnerability in the wild, the disclosure of such a critical flaw necessitates prompt patching to mitigate potential risks. Users are strongly advised to ensure their Microsoft Defender Antivirus definitions and the engine itself are up to date to protect against this and other emerging threats.
Original source — read the full reporting at the publisher:
Read on The Hacker NewsGet the weekly AI digest
AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.