Skip to content
The Nexus
DossierENTITY

BlueHammer

Coverage of BlueHammer in the Nexus archive.

Earliest in view: Apr 9 · 20:13 UTCMost recent: Jun 30 · 08:53 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 30 · 08:53 UTCBLEEPING COMPUTER
    CISA: Windows BlueHammer flaw now exploited by ransomware gangs

    CISA confirmed that ransomware gangs are exploiting a Microsoft Defender privilege escalation vulnerability named BlueHammer, which was previously used in zero-day attacks. The flaw allows attackers to escalate privileges, potentially leading to system compromises.

  • SECURITYMay 28 · 20:19 UTCTHE REGISTER
    Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops

    Disgruntled bug hunter Nightmare Eclipse (Chaotic Eclipse) has released six Windows zero-days, prompting Microsoft to issue a blog post condemning uncoordinated disclosure and threatening legal action. Nightmare claims Microsoft humiliated them by deleting their MSRC account and withholding payment, vowing a major release on July 14.

  • SECURITYApr 23 · 11:05 UTCBLEEPING COMPUTER
    CISA orders feds to patch BlueHammer flaw exploited as zero-day

    CISA has directed U.S. federal agencies to address a critical privilege escalation vulnerability in Microsoft Defender, known as BlueHammer, which is currently being exploited in zero-day attacks. The flaw allows attackers to escalate privileges, posing a significant security risk.

  • SECURITYApr 17 · 13:21 UTCTHE HACKER NEWS
    Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

    Huntress warns that three zero-day vulnerabilities in Microsoft Defender—BlueHammer, RedSun, and UnDefend—are being actively exploited by threat actors to gain elevated system privileges. Two of these vulnerabilities remain unpatched, posing ongoing security risks.

  • SECURITYApr 11 · 09:37 UTCHACKER NEWS
    BlueHammer abuses Windows Defender's update process to gain SYSTEM access

    BlueHammer exploits a zero-day vulnerability in Windows Defender's update process to gain SYSTEM access. The article details the attack method and its implications for cybersecurity.

  • SECURITYApr 9 · 20:13 UTCDARK READING
    'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

    A researcher using the alias 'Chaotic Eclipse' released a PoC exploit for a zero-day vulnerability in Windows, enabling local user system takeover. The incident highlights potential issues with Microsoft's bug disclosure process, as the flaw was undisclosed prior to the exploit's release.

BlueHammer · Dossier · The Nexus