Tendvane

← All articles

SecurityJuly 14, 2026

A flaw in Windows' own antivirus could have handed over your whole PC - Microsoft has quietly fixed it

Microsoft Defender is the antivirus built into Windows, running quietly on almost every PC. So it stung a little when a researcher showed that Defender itself had a serious flaw. The bug - nicknamed RoguePlanet and tracked as CVE-2026-50656 - sat in the Microsoft Malware Protection Engine, Defender's core scanning component, and could let a program already on your PC climb from an ordinary user account all the way to SYSTEM, the highest level of control Windows has.

Two things keep this from being a reason to panic. It's a privilege-escalation bug, not a remote one - an attacker has to already be running code on your machine to abuse it, so it's a way to make an existing infection worse, not a way in by itself. And Microsoft says there's no sign it has been used in real attacks; a proof-of-concept exists (it works whether or not real-time protection is switched on), but that's as far as it has gone. The flaw rated 7.8 out of 10 for severity.

The genuinely good news is how little you have to do about it. Microsoft shipped the fix out of band on July 9, ahead of the regular Patch Tuesday, in engine version 1.1.26060.3008 - and Defender updates its engine and definitions automatically, usually more than once a day. If you want to be sure, open Windows Security → Settings → About and check the engine version is 1.1.26060.3008 or higher.

Tendvane's security-posture check confirms Defender is actually turned on and its protection is current, so you can see at a glance that a fix like this one has reached your machine.

Sources

Download Tendvane