Zero-Day Flaw BlueHammer in Windows Defender Allows SYSTEM Access, Exploit Released on GitHub

A security researcher known as Chaotic Eclipse has publicly disclosed a zero-day vulnerability in Windows Defender, named BlueHammer, that allows local privilege escalation to SYSTEM. Proof-of-concept exploit code is available on GitHub. The researcher cited dissatisfaction with Microsoft’s Security Response Center as the reason for the uncoordinated release. Users are advised to monitor for unusual privilege escalation activity and to await an official patch from Microsoft.