今日已更新 339 条资讯 | 累计 19899 条内容
关于我们

Patch for Windows Defender 0-day could allow attackers to fill hard disk

Dan Goodin 2026年07月10日 04:52 3 次阅读 来源:Ars Technica

The feud between NightmareEclipse and Microsoft shows no signs of resolving soon.

A patch Microsoft released on Wednesday to fix a zero-day vulnerability in its Defender security engine may cause Windows machines to write files large enough to completely consume available disk space, the researcher who discovered the flaw said. RoguePlanet, tracked as CVE-2026-50656, came to public notice in June when NightmareEclipse, the pseudonymous name used by a researcher, disclosed it along with code for exploiting it. The vulnerability allows remote attackers to gain administrative control of Windows 10 and Windows 11 machines, even when real-time protection has been disabled. Over the past few months, the anonymous researcher has published a handful of other zero-days that have sent Microsoft scrambling to develop patches. Writing files of unlimited size Microsoft said Wednesday that it patched RoguePlanet with an update to the Microsoft Malware Protection Engine, which is used by the Defender antivirus app. The fix will automatically be downloaded and installed without users having to take any action. Wednesday’s update also includes “defense-in-depth updates to help improve security-related features.” Read full article Comments
本文内容来源于互联网,版权归原作者所有
查看原文