- Researcher Leaked BlueHammer Windows Exploit Code
- A flaw allows the escalation of local privileges to SYSTEM
- Microsoft calls for coordinated disclosure as the exploit's reliability remains uncertain
A security researcher, apparently dissatisfied with the way Microsoft handles vulnerability disclosures, has decided to leak exploit code for a zero-day flaw in the Windows operating system (OS).
In a short post on their Blogspot page, someone going by the pseudonym Chaotic Eclipse disclosed code for a bug called BlueHammer, a privilege escalation flaw that allows local attackers to gain elevated SYSTEM or administrator permissions on the target endpoint.
“I didn’t bluff Microsoft and I’m doing it again,” they said before sharing a GitHub repository for BlueHammer.
“Unlike previous times, I don’t explain how it works, all geniuses can figure it out,” they added. “A big thank you also to the management of the MSRC for making this possible!!! And a special thank you to Tom Gallagher!”
Microsoft’s response
The poster doesn’t explain their reasoning, but from what little information was shared, it appears they didn’t like the way Microsoft handled vulnerability disclosure.
“I really wonder what the calculation was behind their decision, like you knew this was going to happen and you still did what you did? Are they serious?” the researcher apparently said.
They pointed out that the code might not work for everyone because it has bugs. Some security researchers have told BeepComputer that the exploit appears to work, while others have said it does not, confirming Chaotic Eclipse’s statement that the code has reliability issues.
When asked for comment, Microsoft gave a boilerplate statement that said virtually nothing:
“Microsoft is committed to our customers to investigate reported security issues and update affected devices to protect customers as soon as possible,” Microsoft told BeepComputer.
“We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure that issues are thoroughly investigated and resolved before public disclosure, supporting both customer protection and the security research community.”
BlueHammer can reportedly only be exploited by a local attacker, which makes it somewhat more difficult to exploit. However, criminals can obtain that local access in various ways.




