'I was not bluffing Microsoft, and I'm doing it again': apparently disgruntled researcher leaks worrying Windows zero-day security flaw

News
By published

Researchers confirm the bug works

Fingertip pressing keyboard key with Windows logo on it
Är du ute efter bästa VPN för Windows 10 och Windwos 11? Här är våra favoriter just nu. (Image credit: Shutterstock)
  • Researcher leaked BlueHammer Windows exploit code
  • Flaw enables local privilege escalation to SYSTEM
  • Microsoft urges coordinated disclosure, exploit reliability uncertain

A security researcher, seemingly unsatisfied with how Microsoft handles vulnerability disclosures, has apparently decided to leak the exploit code for a zero-day flaw in the Windows operating system (OS).

In a short post published on their Blogspot page, a person with the alias Chaotic Eclipse leaked the code for a bug called BlueHammer, a privilege escalation flaw that allows local attackers to gain SYSTEM or elevated admin permissions on the target endpoint.

“I was not bluffing Microsoft and I'm doing it again,” they said, before sharing a GitHub repository for BlueHammer.

Article continues below

“Unlike previous times, I'm not explaining how this works, yall geniuses can figure it out,” they added. “Also, huge thanks to MSRC leadership for making this possible !!! And a special thanks to Tom Gallagher !”

Microsoft's response

The poster did not explain their reasoning, but from the little information shared, it seems they did not appreciate how Microsoft handled vulnerability disclosure.

"I'm just really wondering what was the math behind their decision, like you knew this was going to happen and you still did whatever you did ? Are they serious ?,” the researcher apparently said.

They stressed that the code might not work for everyone, since it’s somewhat bugged. Some security researchers told BleepingComputer the exploit appears to work, while others said it didn’t, confirming Chaotic Eclipse’s statement that the code has reliability issues.

When asked for a comment, Microsoft gave a boilerplate statement that basically said nothing:

"Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers as soon as possible,” Microsoft told BleepingComputer.

“We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community."

BlueHammer can only be exploited by a local attacker, it was said, which makes it somewhat harder to leverage. However, criminals can gain access through a myriad of ways.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.