TechCrunch reports that attacks weaponizing the Windows Defender security vulnerabilities BlueHammer, UnDefend, and RedSun, whose proof-of-concept exploits were leaked by security researcher Chaotic Eclipse after a dispute with Microsoft, have already compromised at least one organization.

Malicious actors have been leveraging the PoC exploits to obtain admin access on targeted Windows devices, noted Huntress in a series of posts on X. Microsoft, which has only remediated BlueHammer so far, emphasized support for coordinated vulnerability disclosure after Chaotic Eclipse hinted at conflict with the firm's Security Response Center.

"With these being so easily available now, and already weaponized for easy use, for better or for worse, I think that ultimately puts us in another tug-of-war match between defenders and cybercriminals. Scenarios like these cause us to race with our adversaries; defenders frantically try to protect against ill-intended actors who rapidly take advantage of these exploits... especially now as it is just ready-made attacker tooling," said Huntress researcher John Hammond.




