- Researchers leaked BlueHammer Windows exploit code
- Flaw enables local privilege escalation to SYSTEM
- Microsoft calls for coordinated disclosure, exploit reliability uncertain
A security researcher apparently unhappy with how Microsoft handles vulnerability disclosures has decided to leak the exploit code for a zero-day flaw in the Windows operating system (OS).
In a short post published on their Blogspot page, someone with the alias Chaotic Eclipse leaked the code for BlueHammer, a privilege escalation flaw that allows local attackers to gain SYSTEM or elevated admin permissions on the endpoint.
“I didn’t bluff Microsoft, and I’m doing it again,” they said, before sharing a GitHub repository for BlueHammer.
“Unlike previous times, I’m not explaining how this works, any genius can figure it out,” they added. “Also, a big thank you to MSRC management for making this possible!!! And a special thank you to Tom Gallagher!”
Microsoft’s response
The poster didn’t explain their reasoning, but from the little information shared, it seems they didn’t appreciate how Microsoft handled vulnerability disclosures.
“I just really wonder what was the math behind their decision, like you knew this was going to happen and you still did whatever you did? Are they serious?” the researcher apparently said.
They stressed that the code may not work for everyone as it is somewhat buggy. Some security researchers told Bleeping Computer the exploit appears to work while others said it didn’t, confirming Chaotic Eclipse’s statement that the code has reliability issues.
When asked for comment, Microsoft provided a statement that basically said nothing:
“Microsoft has a customer obligation to investigate reported security issues and update affected devices to protect customers as quickly as possible,” Microsoft told Bleeping Computer.
“We also support coordinated vulnerability disclosure, a widely used industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community.”
BlueHammer can reportedly only be exploited by a local attacker, which makes it somewhat more difficult to exploit. However, criminals can gain access in a myriad of ways.



