A zero-day vulnerability named BlueHammer in Windows Defender allows attackers to escalate privileges from low-privileged accounts to SYSTEM-level access on Windows 10/11, and full exploit code has been publicly released on GitHub. The researcher claims Microsoft broke an agreement, which led to disclosure without a patch or CVE assignment. This poses an immediate critical risk to all Windows users relying on the built-in antivirus.
Background
Windows Defender is Microsoft's built-in antivirus solution, included in all modern Windows systems and commonly trusted as a core security layer. Zero-day vulnerabilities in such widely deployed software have critical impact because no patch is immediately available.
- Source: Lobsters
- Published: Apr 11, 2026 at 06:53 PM
- Score: 9.0 / 10