A new Windows zero‑day called RoguePlanet was published today.
The security researcher known as Chaotic Eclipse, who earlier faced a criminal threat from Microsoft, released a proof‑of‑concept that grants SYSTEM privileges on fully patched Windows 10 and 11 machines. The exploit appeared just hours after Microsoft’s June Patch Tuesday, which claimed to fix a record 200 vulnerabilities. This is the seventh zero‑day the researcher has disclosed.
The timing matters because it shows that even a massive, public patch bundle can leave critical bugs unaddressed. Attackers with the exploit could take full control of a system that appears up to date, forcing enterprises to reassess reliance on patch cadence alone.
If Microsoft’s patches missed this flaw, the next round of updates will likely include a dedicated fix, but the window for abuse may already be open.