Microsoft has released a security patch for a Defender zero-day vulnerability called RoguePlanet, disclosed following the June 2026 Patch Tuesday update.
The RoguePlanet vulnerability affects Microsoft Defender and was addressed in Microsoft's latest security patch cycle. The flaw was classified as a zero-day, meaning it was actively exploited before a fix became available.
Microsoft disclosed the vulnerability after the standard June 2026 Patch Tuesday release, when the company typically bundles security updates across its product line. The RoguePlanet flaw represents a potential security risk for systems running affected versions of Microsoft Defender.
Users of Windows systems relying on Microsoft Defender should apply the latest security patches immediately. The update addresses the vulnerability and prevents potential exploitation through Defender's core security functions.
This patch is part of Microsoft's ongoing effort to address security gaps in its antivirus and threat protection software. Organizations managing large deployments of Windows systems should prioritize patching to reduce exposure to the vulnerability.
The specific technical details of RoguePlanet's exploitation method have not been disclosed in detail, but the zero-day designation indicates it posed an active threat before remediation. Microsoft recommends users enable automatic updates to ensure timely installation of security patches.
Administrators should verify patch deployment across their environments and confirm that systems are running the patched version of Microsoft Defender. The vulnerability underscores the importance of maintaining current security software and applying updates promptly.
LastPass has issued a warning about an active phishing campaign using fraudulent security notices to redirect users to malicious websites. The scheme targets both LastPass and Bitwarden password manager users.
Microsoft has rolled out cumulative updates KB5101650 and KB5099414 for Windows 11, addressing security vulnerabilities and bugs across multiple versions. The updates target versions 25H2/24H2 and 23H2.
Iran leveraged known vulnerabilities in mobile networks to identify and target U.S. military personnel in the Middle East during the buildup to and early stages of armed conflict.
Security researchers can now validate system vulnerabilities by analyzing attack techniques rather than launching live exploits. This approach eliminates risks to critical infrastructure while still determining exploitability.