Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    OpenAI’s Fidji Simo steps down due to chronic illness, becomes advisor

    July 9, 2026

    Kevin Warsh names members of his Federal Reserve task forces, including Marc Andreessen, Doug McMillon

    July 9, 2026

    Coinbase legal chief Paul Grewal resigns after regulatory wins By Investing.com

    July 9, 2026
    Facebook X (Twitter) Instagram
    Addison Markets
    • Home
    • USA
    • Europe
    • Business
    • Investing
    • Tech
    • Politics
    • Contact Us
    Addison Markets
    Home»Tech»Patch for Windows Defender 0-day could allow attackers to fill hard disk
    Tech

    Patch for Windows Defender 0-day could allow attackers to fill hard disk

    franperez66q@protonmail.comBy franperez66q@protonmail.comJuly 9, 2026No Comments2 Mins Read
    Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
    Share
    Facebook Twitter LinkedIn Pinterest Telegram Email



    A patch Microsoft released on Wednesday to fix a zero-day vulnerability in its Defender security engine may cause Windows machines to write files large enough to completely consume available disk space, the researcher who discovered the flaw said.

    RoguePlanet, tracked as CVE-2026-50656, came to public notice in June when NightmareEclipse, the pseudonymous name used by a researcher, disclosed it along with code for exploiting it. The vulnerability allows remote attackers to gain administrative control of Windows 10 and Windows 11 machines, even when real-time protection has been disabled. Over the past few months, the anonymous researcher has published a handful of other zero-days that have sent Microsoft scrambling to develop patches.

    Writing files of unlimited size

    Microsoft said Wednesday that it patched RoguePlanet with an update to the Microsoft Malware Protection Engine, which is used by the Defender antivirus app. The fix will automatically be downloaded and installed without users having to take any action. Wednesday’s update also includes “defense-in-depth updates to help improve security-related features.”

    In a post on Thursday, NightmareEclipse said the defense-in-depth additions produce behavior that may allow attackers to exhaust all available space on a hard drive by writing massive amounts of data to it. The newly introduced mitigations create a problem in mpengine.dll, the driver associated with the Microsoft Malware Protection Engine, that in some cases causes it to leak 8 bytes of data when trying to open a file. New functionality in SpyNet, a cloud service that allows Microsoft Security Essentials or Forefront Endpoint Protection to send reports about suspicious software and programs to Microsoft, also plays a role in the potential mass file-writing behavior.

    Defender normally places hard limits on how big a file can be written to disk when scanning and quarantining a machine.

    “This implementation make [sic] sense, because quarantining a huge file will cause Defender to completely exhaust the available disk space,” the researcher wrote. “I found a small exception to this rule, apparently the spynet functions in mpengine.dll really wants [sic] to keep a local copy of Zone.Identifier ADS file and it does not matter how big this file is, Windows Defender will cache it locally anyways.”



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    franperez66q@protonmail.com
    • Website

    Related Posts

    OpenAI’s Fidji Simo steps down due to chronic illness, becomes advisor

    July 9, 2026

    Anthropic names former Fed Chair Bernanke to its independent trust

    July 9, 2026

    Judge doesn’t like Elon Musk settlement with SEC, but says court can’t block it

    July 9, 2026

    Anduril CEO says it’s bad to IPO in ‘middle of a hype cycle’

    July 9, 2026

    Surprised doctors find 10-inch worm in man’s groin during elective surgery

    July 9, 2026

    Palo Alto CEO Arora says AI pricing needs to come down

    July 9, 2026
    Leave A Reply Cancel Reply

    Top Reviews
    Editors Picks

    OpenAI’s Fidji Simo steps down due to chronic illness, becomes advisor

    July 9, 2026

    Kevin Warsh names members of his Federal Reserve task forces, including Marc Andreessen, Doug McMillon

    July 9, 2026

    Coinbase legal chief Paul Grewal resigns after regulatory wins By Investing.com

    July 9, 2026

    Patch for Windows Defender 0-day could allow attackers to fill hard disk

    July 9, 2026
    © 2026 All right reserved
    • Privacy Policy
    • Terms & Conditions

    Type above and press Enter to search. Press Esc to cancel.