Bob πŸ‡¨πŸ‡¦πŸ‡²πŸ‡½πŸ‡ΊπŸ‡¦7h ago
Will Dormann

There's a new Windows 0day LPE that has been disclosed called BlueHammer. The reporter suggests that it's being disclosed due to how MSRC operates these days.

MSRC used to be quite excellent to work with.
But to save money Microsoft fired the skilled people, leaving flowchart followers.
I wouldn't be surprised if Microsoft closed the case after the reporter refused to submit a video of the exploit, since that's apparently an MSRC requirement now. πŸ˜‚

Anyway, yeah, it works. Maybe not 100% reliably, but well enough...

1:46pmWeb
Show threadnyanbinary6h ago
@wdormann hm, so far on 0% success rate on Windows Server, grumble grumble grumble....
Show threadcR0w πŸ΄β€β˜ οΈπŸ«ˆπŸ«6h ago
@nyanbinary @wdormann Probably have to upgrade from Server 2003 for it to work.
Show threadnyanbinary6h ago
@cR0w @wdormann 2022 & 2025, still got Azure credit to burn 
Show threadWill Dormann5h ago

@nyanbinary
WFM πŸ€·β€β™‚οΈ

Though on the Server platform, it merely goes from non-admin to elevated admin. Rather than SYSTEM.

Show threadWill Dormann5h ago
@nyanbinary
If you provide the output from the PoC for such failed attempts, that could help determine why you're getting a 0% success rate.