Microsoft has released a security patch for a zero-day vulnerability in its Defender security product, tracked internally as 'RoguePlanet.' The flaw was disclosed after the company’s June 2026 Patch Tuesday updates, though specific CVE identifiers have not yet been published.

The vulnerability is considered critical, with active exploitation reported in the wild. While Microsoft has not disclosed the exact CVSS score, the discovery and subsequent patch suggest a severe risk to systems relying on Defender for endpoint protection.

Technical details remain limited, but the flaw resides in Defender’s core scanning engine. Attackers could potentially bypass detection, disable or tamper with security features, gain elevated privileges, or execute arbitrary code on affected systems.

Microsoft has deployed the fix via automatic updates, and users are urged to ensure their Defender definitions are current. No manual workaround is available; the patch is the sole remedy. The timeline from disclosure to patch was swift, indicating the severity of active exploitation.

The agency that disclosed RoguePlanet has not been publicly named, and no APT groups have claimed responsibility. The incident highlights the challenge of securing even first-party security tools against targeted zero-day attacks.