Last month, a security researcher Chaotic Eclipse (better known as Nightmare-Eclipse) succeeded Bypass Windows 11’s advanced BitLocker Security function using USB memory stick. Nightmare claimed it Microsoft “deliberately” released a backdoor in the security feature:
“I could make some crazy money selling this, but no amount of money will stand between me and my commitment to Microsoft.” The company has since patched three zero-day exploits published by security researchers, including YellowKey, GreenPlasma, and MiniPlasma.
Recently, it disclosed a new zero-day vulnerability called Nightmare-Eclipse. RoguePlanetthis affects Microsoft Defender in both Windows 11 and Windows 10. An exploit could allow attackers to take full control of affected systems (via Voice Computer).
Microsoft acknowledged the vulnerability and said it was tracking the RoguePlanet zero-day exploit. CVE-2026-50656. According to the company:
“Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender, publicly named ‘RoguePlanet’. We are working to provide a high-quality security update that addresses this vulnerability. We will provide information on this CVE when an update is available.”
The security official shared a proof-of-concept exploit on a Git repository he manages, and later claimed that Microsoft had taken down the exploit hosting its own repository. GitHub and GitLab.
Exploitation is a race condition, so it’s hit or miss. On some machines I was able to get a 100% success rate, on others I struggled to get it to work. PoC for RoguePlanet works regardless of whether real-time protection is enabled or not.
Nightmare Eclipse
Perhaps more interesting is that this news comes after that Microsoft previously made Windows 11’s Defender sufficient for most PC owners. “Microsoft Defender Antivirus covers everyday risks without requiring additional software,” the company added.
The statement seemed to be quite controversial in the community, although many still agree with Microsoft’s views, including some readers of Windows Central:
“It’s no secret that Windows Defender has been the best or near-best antivirus for years. The days when third-party antivirus really served a purpose are long gone. You just slow down your system and pay for nothing.”
In a subsequent blog post, Microsoft acknowledged that Windows 11’s Defender is usually sufficient for most users. third-party tools add additional layers of protectionincluding identity monitoring or internal VPNs.
Elsewhere, Nightmare-Eclipse and Microsoft were locked in a months-long battle, with Microsoft even threatening. legal action. But following a backlash from the broader cybersecurity community, the company has said it no longer intends to pursue lawsuits against the researchers conducting or publishing their findings.
Join us Reddit at r/WindowsCentral to share your thoughts and discuss our latest news, reviews and more.
