- BlueHammer exploit code for Windows leaked by researcher
- The flaw allows escalation of local privileges to SYSTEM
- Microsoft urges coordinated disclosure; exploit reliability is uncertain
A security researcher, apparently dissatisfied with the way Microsoft handles vulnerability disclosures, decided to leak exploit code for a zero-day flaw in the Windows operating system (OS).
In a short post on their Blogspot page, a person with the alias Chaotic Eclipse leaked code for a bug called BlueHammer, a privilege escalation flaw that allows local attackers to gain elevated SYSTEM or administrator permissions on the target endpoint.
“I wasn’t fooling Microsoft and I’m doing it again,” they said, before sharing a GitHub repository for BlueHammer.
“Unlike previous occasions, I’m not explaining how this works, all the geniuses can figure it out,” they added. “Also, a big thank you to the MSRC leadership for making this possible!!! And a special thanks to Tom Gallagher!”
Microsoft’s response
The poster did not explain their reasoning, but from the little information shared, it seems that they did not appreciate how Microsoft handled the vulnerability disclosure.
“I really wonder what the math was behind your decision, like you knew this was going to happen and you still did what you did. Are you serious?” the researcher apparently said.
They stressed that the code might not work for everyone as it has some bugs. Some security researchers told BleepingComputer the exploit appears to work, while others said it doesn’t, confirming Chaotic Eclipse’s claim that the code has reliability issues.
When asked for comment, Microsoft gave a boilerplate statement that basically said nothing:
“Microsoft has a customer commitment to investigate reported security issues and update affected devices to protect customers as soon as possible,” Microsoft told BleepingComputer.
“We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community.”
BlueHammer can reportedly only be exploited by a local attacker, which makes it somewhat more difficult to exploit. However, criminals can gain access in a variety of ways.




