Security expert publishes Windows exploit after Microsoft went silent
A security researcher discovered a previously unknown, unpatched vulnerability in Windows and reported it to the Microsoft Security Response Center (MSRC). MSRC did not respond to the report in time, and an exploit is now circulating in the wild, one that appears to have been written by the very researcher who found the flaw.
As BleepingComputer reports, this is a zero-day: Microsoft has acknowledged the flaw but has not yet patched it. The vulnerability has been named “BlueHammer” and is said to allow an attacker to take full control of a Windows computer.
Analysts consider the threat to be real. The vulnerability reportedly chains a time-of-check to time-of-use (TOCTOU) flaw with a misconfigured file path. A TOCTOU bug arises when the system checks a file and then uses it, but the file can change in between: the check passes against the original object, and by the time the file is actually used it has been swapped for something else, so the system acts on an object the check never validated. An attacker who can make that swap land in the precise window between check and use effectively bypasses the check.
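As an added illustration that is not from the original article or from the published BlueHammer exploit, the following Python shows the general TOCTOU-on-a-file-path pattern in miniature: a privileged routine that checks a path and then opens it by name, an attacker that swaps the file for a symlink in the gap, and a hardened version that opens once and validates the handle it actually holds. The directory layout, file names and the `race` hook are constructed for the demo, and the POSIX `O_NOFOLLOW` flag is assumed; the specific Windows components involved in BlueHammer are not described on this page.

```python
import os
import stat
import tempfile
from typing import Callable, Optional

# Hook the demo uses to run the attacker's action at a chosen instant; a stand-in
# for actually winning a real race (constructed for this example).
RaceHook = Optional[Callable[[], None]]


def vulnerable_read(path: str, race: RaceHook = None) -> Optional[bytes]:
    """Check the path by name, then open it by name: the classic TOCTOU shape."""
    st = os.lstat(path)                          # time of check: what does `path` name right now?
    if not stat.S_ISREG(st.st_mode):
        return None                              # refuse symlinks, FIFOs, devices, ...
    if race:
        race()                                   # attacker changes what `path` points at
    with open(path, "rb") as f:                  # time of use: `path` is resolved a second time
        return f.read()                          # ... and may now lead somewhere else entirely


def hardened_read(path: str, race: RaceHook = None) -> Optional[bytes]:
    """Open first, then check and use the handle; the name is never resolved twice."""
    flags = os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0)   # O_NOFOLLOW is POSIX (assumed here)
    try:
        fd = os.open(path, flags)                # fails with ELOOP if `path` is already a symlink
    except OSError:
        return None
    try:
        if race:
            race()                               # too late: fd is bound to the object we opened
        st = os.fstat(fd)                        # check the object itself, not the name
        if not stat.S_ISREG(st.st_mode):
            return None
        return os.read(fd, st.st_size)
    finally:
        os.close(fd)


def _write(path: str, data: bytes) -> None:
    with open(path, "wb") as f:
        f.write(data)


def demo() -> dict:
    """Stage the race in a temp dir: attacker-writable report.txt, sensitive secret.txt."""
    with tempfile.TemporaryDirectory() as d:
        report = os.path.join(d, "report.txt")   # what the privileged code is asked to read
        secret = os.path.join(d, "secret.txt")   # what the attacker wants it to read instead
        _write(secret, b"SECRET")

        def swap() -> None:
            # Atomically replace report.txt with a symlink to secret.txt: rename over the
            # existing file so there is no instant at which the path does not exist.
            tmp = os.path.join(d, "swap.tmp")
            os.symlink(secret, tmp)
            os.replace(tmp, report)

        _write(report, b"harmless report")
        leaked = vulnerable_read(report, race=swap)   # check saw a regular file, use followed the link

        os.remove(report)                             # reset: report.txt is the symlink at this point
        _write(report, b"harmless report")
        kept = hardened_read(report, race=swap)       # swap still happens, but the fd is unaffected
        refused = hardened_read(report)               # path is now a symlink: O_NOFOLLOW rejects it

        return {"vulnerable": leaked, "hardened": kept, "hardened_preswapped": refused}


if __name__ == "__main__":
    print(demo())
```

The fix is not a faster check; it is to stop re-resolving the name. Whatever the check validated (here, the inode behind the handle) is exactly what gets used, and any object the attacker substitutes afterwards is simply never opened.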
An attacker can use this to move through the system's privilege levels and escalate their privileges. Ultimately, that allows them to intercept the passwords of locally created accounts and take control of the machine.
However, exploiting the vulnerability end to end is quite involved and does not succeed reliably. In addition, the researcher published the exploit code with deliberate flaws so that attackers cannot simply use it out of the box. Nevertheless, the vulnerability is dangerous and should not be underestimated.
Microsoft’s response
Speaking to BleepingComputer, a Microsoft representative said: “Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers as soon as possible. We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community.”
However, this disclosure was arguably anything but “coordinated,” as the discoverer of the vulnerability acted on their own initiative, apparently out of frustration with the approach taken by Microsoft’s security team.