The researcher who was threatened by Microsoft has just released a seventh Windows zero-day within hours of Patch Tuesday.
Chaotic Eclipse has released RoguePlanet, their seventh Windows zero-day exploit, just hours after Microsoft’s unprecedented Patch Tuesday, which addressed a record 200 vulnerabilities. This exploit allows attackers to gain SYSTEM privileges on fully updated Windows 10 and 11 systems.
This researcher, previously threatened with legal action by Microsoft, published the proof-of-concept shortly after Microsoft's June Patch Tuesday update. RoguePlanet takes advantage of a race condition in Windows Defender's internal processing, specifically a Time-of-Check to Time-of-Use (TOCTOU) vulnerability, enabling an unprivileged user to redirect Defender's file operations, which run with SYSTEM privileges, to execute code controlled by an attacker at the highest privilege level.
The researcher noted, “The exploit is a race condition, so it’s hit or miss. I have achieved a 100% success rate on some systems while it has had difficulty working on others.” Security firm ThreatLocker has confirmed the exploit's effectiveness and shared a video demonstration, with CEO Danny Jenkins remarking that application allowlisting can mitigate the risk of the exploit executing.
The proof-of-concept was uploaded to a self-hosted Git repository following the researcher’s claims that Microsoft removed their previous work from both GitHub and GitLab, which has intensified the ongoing dispute. Microsoft has employed its Digital Crimes Unit against the researcher and cut off access to their Microsoft Security Response Center account.
In just a few months, Chaotic Eclipse has reported seven zero-days: BlueHammer, RedSun, UnDefend, YellowKey, GreenPlasma, MiniPlasma, and now RoguePlanet. Microsoft’s June Patch Tuesday addressed two of these, GreenPlasma and YellowKey, while the others remain unaddressed. The researcher has stated that these disclosures are a response to Microsoft’s handling of the situation.
“They treated me poorly and utilized every childish tactic they could,” the researcher expressed. “I began to question if I was dealing with a significant corporation or someone enjoying watching me struggle.”
The timing is notable; Microsoft’s June Patch Tuesday was its largest to date, resolving 200 vulnerabilities, including 33 rated as critical and three that had been publicly disclosed. Analysts suggest this surge is partly due to AI-assisted code auditing, which is identifying vulnerabilities faster than they can be patched. The emergence of RoguePlanet just hours after such a significant update highlights the ongoing issue: even the largest patch cycle in Microsoft's history was rendered ineffective for users of Windows Defender almost immediately.