A researcher known as Nightmare-Eclipse has released yet another Microsoft zero-day exploit — this one called RoguePlanet — timed to drop right after Microsoft's June Patch Tuesday, which addressed a record 206 CVEs.
The new exploit targets Windows Defender via a race condition, potentially granting attackers full SYSTEM-level access on Windows 10 and 11. It's the latest salvo in a months-long feud that began in April with the BlueHammer exploit. Microsoft has since patched several of Nightmare-Eclipse's disclosures, but real-world exploitation has already occurred.
The researcher claims to have more vulnerabilities in Defender and other Windows components ready to go.
Source: Dark Reading