BlueHammer abuses Windows Defender’s update process to gain SYSTEM access

📰 Updated 2026-04-11 19:00

🔸 BlueHammer abuses Windows Defender’s update process to gain SYSTEM access

🔥 11 points

Original text:
Windows Defender, the built-in antivirus running on every Windows machine, has a zero-day exploit with full source code sitting on GitHub. No patch, no CVE, and confirmed working on fully updated Windows 10 and 11. A researcher who says Microsoft went back on their word just handed every attacker paying attention a privilege escalation that takes any low-privileged account straight to NT AUTHORITY\SYSTEM. On Windows Server the result is different but still serious: a standard user ends up wit…

