Danny Weber
05:20 19-04-2026
A cybersecurity researcher has disclosed details of Windows vulnerabilities after claiming Microsoft ignored his warnings, with attackers already exploiting them. The publicly released code has enabled at least one real attack on an organization. The leaker, using the pseudonym Chaotic Eclipse, took this step due to the company's lack of response.
According to TechCrunch, experts at Huntress have identified exploitation of three vulnerabilities named BlueHammer, UnDefend, and RedSun. All affect Windows Defender's built-in protection, allowing attackers to escalate privileges to administrator level. The researcher posted tools for exploiting these flaws on GitHub, significantly simplifying their use.
Chaotic Eclipse publicly criticized Microsoft, stating his actions weren't pressure tactics but resulted from the company's inaction. In his message, he sarcastically thanked the Microsoft Security Response Center team responsible for handling such incidents, hinting at their role in the situation.
So far, Microsoft has patched only one vulnerability, BlueHammer, with an update this week. The other two issues remain open and continue to pose risks to users. Experts note that ready-made attack tools significantly complicate system defense, turning it into a constant battle against cybercriminals. Microsoft, meanwhile, continues to emphasize the importance of responsible vulnerability disclosure before publication.