04 July 2026

Windows Security?

From Bleeping Computer we get the latest from Microsoft: "CISA: Windows BlueHammer flaw now exploited by ransomware gangs"

I usually avoid all articles about Windows these days. Since I am not using Windows, they are of no interest, but when CISA raises its head, I have to take a look.

CISA is the government agency that was named by the Department of Redundancy Department. CISA = The Cybersecurity and Infrastructure Security Agency. (They really, really, really focused on security!) They also have a logo straight out of 1955.

CISA confirmed on Monday that ransomware gangs have begun exploiting a high-severity Microsoft Defender privilege escalation vulnerability that has previously been abused in zero-day attacks.

Dubbed BlueHammer, the security flaw (CVE-2026-33825) was leaked by a security researcher known as "Nightmare Eclipse" in early April, together with proof-of-concept exploit code, in protest at how the Microsoft Security Response Center (MSRC) handles the disclosure process.

The moral of the story: Never piss off the hackers who are reporting bugs to you. This is a lesson that executives, not just at Microsoft, will probably never learn.

Will Dormann, principal vulnerability analyst at Tharros, told BleepingComputer in April that while the issue is not easy to exploit, it gives local attackers access to the Security Account Manager (SAM) database, which contains password hashes for local accounts.

With this access, they can escalate to SYSTEM privileges and potentially take complete control of the targeted system.

I'm not sorry I left Microslop in the dust.

You can find the CISA notification at this link.
