VMTECH · INSTAGRAM

Three zero-days in Microsoft Defender: two vulnerabilities remain unpatched

Colleagues — cybersecurity alert: exploitation of three zero‑days in Microsoft Defender has been confirmed.

- BlueHammer (CVE‑2026‑33825), RedSun and UnDefend: BlueHammer and RedSun are local privilege escalation (LPE) flaws; UnDefend causes denial of service (DoS) and blocks updates.
- BlueHammer was patched on Patch Tuesday; RedSun and UnDefend remain unpatched.
- Huntress observed exploitation: BlueHammer since 10 April; the PoCs for the other two are dated 16 April. Observed commands include whoami /priv and net group.
- Huntress isolated the affected organisation.

Why this matters: attackers achieve privilege escalation and can prevent updates.

What are you doing to protect endpoints?

#cybersecurity #MicrosoftDefender #vulnerability #infosec
