- Researcher leaked BlueHammer Windows exploit code
- Flaw enables local privilege escalation to SYSTEM
- Microsoft urges coordinated disclosure, exploit reliability uncertain
A security researcher, seemingly unsatisfied with how Microsoft handles vulnerability disclosures, has apparently decided to leak the exploit code for a zero-day flaw in the Windows operating system (OS).
In a short post published on their Blogspot page, a person with the alias Chaotic Eclipse leaked the code for a bug called BlueHammer, a privilege escalation flaw that allows local attackers to gain SYSTEM or elevated admin permissions on the target endpoint.
“I was not bluffing Microsoft and I’m doing it again,” they said, before sharing a GitHub repository for BlueHammer.
Article continues below
“Unlike previous times, I’m not explaining how this works, yall geniuses can figure it out,” they added. “Also, huge thanks to MSRC leadership for making this possible !!! And a special thanks to Tom Gallagher !”
Microsoft’s response
The poster did not explain their reasoning, but from the little information shared, it seems they did not appreciate how Microsoft handled vulnerability disclosure.
“I’m just really wondering what was the math behind their decision, like you knew this was going to happen and you still did whatever you did ? Are they serious ?,” the researcher apparently said.
They stressed that the code might not work for everyone, since it’s somewhat bugged. Some security researchers told BleepingComputer the exploit appears to work, while others said it didn’t, confirming Chaotic Eclipse’s statement that the code has reliability issues.
When asked for a comment, Microsoft gave a boilerplate statement that basically said nothing:
“Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers as soon as possible,” Microsoft told BleepingComputer.
“We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community.”
BlueHammer can only be exploited by a local attacker, it was said, which makes it somewhat harder to leverage. However, criminals can gain access through a myriad of ways.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/iGi8rqmXBTK3ZPbi4ExzfW-2000-80.jpg
Source link
