If you’ve spent any time in Windows System Administration over the last decade, I can almost guarantee you’ve reached for PsExec at least once. Originally from Sysinternals and now officially part of Microsoft, PsExec is one of those deceptively simple tools that has quietly saved thousands of IT professionals from hours of sheer agony. A single executable, zero installation, no
Tag: Windows security
RedSun: New Microsoft Defender Zero-Day Lets Unprivileged Users Gain SYSTEM Access
A freshly disclosed zero-day vulnerability in Microsoft Defender, dubbed “RedSun,” has raised alarms across enterprise security teams: an unprivileged user can escalate to full SYSTEM-level access on fully patched Windows systems. The flaw was detailed publicly in April 2026 by a researcher known as “Chaotic Eclipse” (also referenced as Nightmare‑Eclipse on GitHub). Independent verification from vulnerability analyst Will Dormann confirms
Researcher Publishes Windows Defender 0-Day ‘BlueHammer’ LPE Proof‑of‑Concept
A security researcher using the handle Chaotic Eclipse has publicly released a working proof‑of‑concept for a Windows zero‑day local privilege escalation (LPE) exploit called “BlueHammer.” The disclosure, accompanied by full source code on GitHub, was confirmed as functional by vulnerability researcher Will Dormann and demonstrates that a low‑privileged local user can escalate to NT AUTHORITYSYSTEM on affected machines. The release