d0rk ✅8h ago

Researcher drops #zeroday exploit, probably because researcher was pi**ed that #Microsoft required to send in a video.

#bluehammer

https://www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions.

BleepingComputer
🅴🆁🆄🅰 🇷🇺8h ago
Уязвимость нулевого дня оказалась опубликована вместе с протипом (примером) использования. Опубликовано человеком (Chaotic Eclipse), которому не удалось сообщить о проблеме через официальные каналы Microsoft, потому что соответствующее подразделение (MSRC) захотело прямо аж видео с подтверждением работоспособности данной уязвимости. Отказываясь иначе вести диалог и принимать информацию к сведению.

Это тот апофеоз тотальной идиотии, который преобладает в Microsoft последние 10+ лет. Ниже расписано более детально по этой теме.
Очередное дно пробито, но это не первый раз, а стабильность — это верный признак мастерства.
Нет такого, что Linux или BSD-системы вдруг стали модными и популярными, это людям приходится уходить с Windows-систем из-за такого качества работы Microsoft.

#bluehammer #microsoft #windows #cve #lang_ru @Russia

RE: https://hub.hubzilla.de/item/fadba136-52e4-46e3-9101-5d8c7b0d61fb
Marcel SIneM(S)US10h ago
#BlueHammer“: #ZeroDay-Lücke in #Windows  verschafft erhöhte Rechte | Security https://www.heise.de/news/BlueHammer-Zero-Day-Luecke-in-Windows-verschafft-erhoehte-Rechte-11246762.html #Microsoft #Exploit #MicrosoftWindows 
„BlueHammer“: Zero-Day-Lücke in Windows verschafft erhöhte Rechte

Windows weist eine Zero-Day-Lücke auf, durch die Angreifer ihre Rechte ausweiten können. Ein Patch steht noch nicht bereit.

heise online
Show threadPatrick Cotter1d ago
@briankrebs Brian, your Forest Blizzard report is my reality. Case SIR23252176: I’m an NY small biz owner with 10yrs of data held by a thief. MS admits the theft but leaves a 'bot' in charge. Between token-theft & today's #BlueHammer zero-day, 'you own nothing' is a professional liability. Manually rescuing 3TB of data now to keep my clients safe. #Microsoft #SmallBusiness #Infosec
maniabel1d ago

Eine neu entdeckte Zero-Day-Schwachstelle in Windows unter dem Arbeitstitel "BlueHammer" ermöglicht Angreifenden die vollständige Systemkontrolle. Bisher gibt es keinen offiziellen Patch. Was mensch dennoch tun kann:

https://digiprax.maniabel.work/archiv/1239

#windows #bluehammer #LocalPrivilegeEscalation #infosec #up2date

The New Oil1d ago

Disgruntled researcher leaks “#BlueHammer#Windows zero-day exploit

https://www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/

#cybersecurity

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions.

BleepingComputer
CyberVeille.ch1d ago

📢 Fuite publique de l'exploit BlueHammer : zero-day LPE non patché sur Windows
📝 ## 📰 Contexte

Publié le 6 avril 2026 par BleepingComputer, cet article rapporte la divulgation publique non c...
📖 cyberveille : https://cyberveille.ch/posts/2026-04-07-fuite-publique-de-l-exploit-bluehammer-zero-day-lpe-non-patche-sur-windows/
🌐 source : https://www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/
#BlueHammer #LPE #Cyberveille

Fuite publique de l'exploit BlueHammer : zero-day LPE non patché sur Windows

📰 Contexte Publié le 6 avril 2026 par BleepingComputer, cet article rapporte la divulgation publique non coordonnée d’un exploit zero-day Windows par un chercheur en sécurité opérant sous les alias Chaotic Eclipse et Nightmare-Eclipse, en réaction à la gestion jugée insatisfaisante de son signalement par le Microsoft Security Response Center (MSRC). 🔍 Détails de la vulnérabilité La vulnérabilité, baptisée BlueHammer, est une élévation de privilèges locale (LPE) sur Windows. Elle combine deux techniques :

CyberVeille
securityaffairs1d ago
Experts published unpatched #Windows zero-day #BlueHammer
https://securityaffairs.com/190400/hacking/experts-published-unpatched-windows-zero-day-bluehammer.html
#securityaffairs #hacking
Experts published unpatched Windows zero-day BlueHammer - Security Affairs

A researcher leaked the unpatched Windows zero-day “BlueHammer,” letting attackers gain SYSTEM rights; no patch exists yet. A disgruntled researcher released the BlueHammer Windows zero-day, a privilege escalation flaw that allows attackers to gain SYSTEM or admin rights, Bleeping Computer reports. The researcher privately reported the vulnerability to Microsoft but criticized the way the Microsoft’s Security […]

Security Affairs