SUMMARYMicrosoft released an update on Wednesday to patch RoguePlanet, a zero-day vulnerability in the Microsoft Malware Protection Engine used by Defender on Windows 10 and Windows 11. The flaw, tracked as CVE-2026-50656, could let remote attackers gain administrative control even with real-time protection disabled. The patch itself may cause some Windows machines to write files large enough to fill available disk space.

Patch for Windows Defender 0-day could allow attackers to fill hard disk
Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images
arstechnica.com

A patch Microsoft released on Wednesday to fix a zero-day vulnerability in its Defender security engine may cause Windows machines to write files large enough to completely consume available disk space, the researcher who discovered the flaw said.

RoguePlanet, tracked as CVE-2026-50656, came to public notice in June when NightmareEclipse, the pseudonymous name used by a researcher, disclosed it along with code for exploiting it. The vulnerability allows remote attackers to gain administrative control of Windows 10 and Windows 11 machines, even when real-time protection has been disabled. Over the past few months, the anonymous researcher has published a handful of other zero-days that have sent Microsoft scrambling to develop patches.

Writing files of unlimited size

Microsoft said Wednesday that it patched RoguePlanet with an update to the Microsoft Malware Protection Engine, which is used by the Defender antivirus app. The fix will automatically be downloaded and installed without users having to take any action. Wednesday’s update also includes “defense-in-depth updates to help improve security-related features.”

Read full article