Nightmare Eclipse publishes new Windows Defender zero-day

https://image.theregister.com/5253747.jpg?imageId=5253747&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Angry bug hunter with Microsoft beef drops new Windows 0-day

Revenge is a dish best served code

They are angry at Redmond and will have their revenge. Nightmare Eclipse, the prolific bug hunter and possibly disgruntled ex-Microsoft employee, disclosed another zero-day vulnerability just hours after Redmond issued a record-breaking number of CVEs and fixes for June Patch Tuesday.

The latest zero-day, RoguePlanet, targets Microsoft Defender and works against fully patched Windows 10 and Windows 11 systems, according to the researcher, who also released proof-of-concept exploit code for the security flaw. Assuming the attacker can win a race condition, this bug allows local privilege escalation and leads to SYSTEM-level control over an affected machine.

Nightmare Eclipse (aka Chaotic Eclipse) is a disgruntled bug hunter with a deep understanding of Windows and an even deeper grudge against Microsoft. They claim to be an ex-employee, and accuse Redmond of ignoring vulnerability reports...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

Read more