Tag: Windows security

RedSun: New Microsoft Defender Zero-Day Lets Unprivileged Users Gain SYSTEM Access

Cybersecurity, Hacking and Exploits, Microsoft, Server and Virtualisation Leave a comment
RedSun: New Microsoft Defender Zero-Day Lets Unprivileged Users Gain SYSTEM Access

A freshly disclosed zero-day vulnerability in Microsoft Defender, dubbed “RedSun,” has raised alarms across enterprise security teams: an unprivileged user can escalate to full SYSTEM-level access on fully patched Windows systems. The flaw was detailed publicly in April 2026 by a researcher known as “Chaotic Eclipse” (also referenced as Nightmare‑Eclipse on GitHub). Independent verification from vulnerability analyst Will Dormann confirms

Continue

Researcher Publishes Windows Defender 0-Day ‘BlueHammer’ LPE Proof‑of‑Concept

Cybersecurity, Hacking and Exploits, Microsoft, Server and Virtualisation Leave a comment
Researcher Publishes Windows Defender 0-Day ‘BlueHammer’ LPE Proof‑of‑Concept

A security researcher using the handle Chaotic Eclipse has publicly released a working proof‑of‑concept for a Windows zero‑day local privilege escalation (LPE) exploit called “BlueHammer.” The disclosure, accompanied by full source code on GitHub, was confirmed as functional by vulnerability researcher Will Dormann and demonstrates that a low‑privileged local user can escalate to NT AUTHORITYSYSTEM on affected machines. The release

Continue