The other day, we reported that Microsoft had patched RoguePlanet, a zero-day vulnerability in the Defender security app. RoguePlanet was a serious flaw that allowed hackers to gain full access to vulnerable PCs, so the patch to Microsoft’s Malware Protection Engine was much needed.
However, according to Nightmare-Eclipse, the anonymous cybersecurity researcher who first discovered RoguePlanet, there’s actually another serious flaw in the very update that addressed RoguePlanet.
Normally, Defender is careful when handling file sizes, with hard limits on how large a file can be when scanning and quarantining. However, Nightmare-Eclipse found a small exception that causes Defender to cache a file locally regardless of its file size. You can see where this is going—when abused, Defender will run out your disk space.
Per his MO, Nightmare-Eclipse has created a proof-of-concept exploit that shows how bad it can be. By placing a malicious file on an SMB server, he’s able to make it so that any PC that visits the SMB server will exhaust its disk space via Defender.
So far, he’s been able to reproduce the bug in both Windows 11 25H2 and Windows Server 2025. Microsoft hasn’t yet commented on the new issue caused by its patch, reports Neowin.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.
