Apr 16, 2026 • Lawrence Abrams
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
Executive Summary
A security researcher known as 'Chaotic Eclipse' has published a proof-of-concept exploit for a Microsoft Defender zero-day vulnerability called 'RedSun', the second such exploit disclosed in two weeks. The PoC grants SYSTEM-level privileges, making it a critical local privilege escalation vector. The researcher says the disclosure is a protest against Microsoft's handling of cybersecurity researchers. Although this is currently only a demonstration exploit, zero-day vulnerabilities in endpoint protection software pose significant risk, because a flaw in the security product itself can be used to bypass the controls that product is meant to provide. Organizations should monitor for a vendor patch and rely on defense-in-depth rather than on any single endpoint control. The repeated disclosures suggest ongoing tensions between security researchers and Microsoft's disclosure practices.
Summary
A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with cybersecurity researchers. [...]