'They mopped the floor with me and pulled every childish game they could': Disgruntled researcher releases second major Windows zero-day claims Microsoft 'would ruin my life, and they did'
Date:
Fri, 17 Apr 2026 17:05:00 +0000
Description:
Chaotic Eclipse is at it again, this time releasing a zero-day for Microsoft Defender.
FULL STORY ======================================================================
Researcher Chaotic Eclipse discloses new Microsoft Defender zero-day dubbed RedSun
Flaw enables local privilege escalation to SYSTEM by abusing Defender's file rewrite behavior
Comes days after BlueHammer release; Microsoft says it investigates and supports coordinated disclosure
The same disgruntled researcher who recently disclosed a zero-day vulnerability in Windows has now done it again, this time targeting Microsoft Defender, the operating system's native antivirus solution.
A researcher with the alias Chaotic Eclipse has posted a proof-of-concept (PoC) exploit for a vulnerability they named RedSun. It is a local privilege escalation flaw that allows malicious actors to gain SYSTEM privileges in the latest versions of Windows 10, Windows 11, and Windows Server, with Windows Defender enabled.
"When Windows Defender realizes that a malicious file has a cloud tag, for whatever stupid and hilarious reason, the antivirus that's supposed to protect decides that it is a good idea to just rewrite the file it found again to its original location," Chaotic Eclipse wrote. "The PoC abuses this behavior to overwrite system files and gain administrative privileges."
"Horrible experience"
BleepingComputer confirmed the flaw does work, and says some antivirus vendors on VirusTotal are already detecting it because the executable contains an embedded EICAR (antivirus test file).
The news comes roughly 10 days after Chaotic Eclipse released the code for BlueHammer, a privilege escalation flaw that allows local attackers to gain SYSTEM or elevated admin permissions on the target endpoint.
Apparently, the researcher was unsatisfied with the way Microsoft handles vulnerability disclosure.
"Normally, I would go through the process of begging them to fix a bug but to summarize, I was told personally by them that they will ruin my life and they did and I'm not sure if I was the only one who had this horrid experience or few people did but I think most would just eat it and cut their losses but for me, they took away everything," Chaotic Eclipse apparently said.
"They mopped the floor with me and pulled every childish game they could. It was so bad at some point I was wondering if I was dealing with a massive corporation or someone who is just having fun seeing me suffer but it seems to be a collective decision."
In response, Microsoft said it has a customer commitment to investigate reported security issues and update impacted devices to protect customers as soon as possible.
"We also support coordinated vulnerability disclosure, a widely adopted industry practice that helps ensure issues are carefully investigated and addressed before public disclosure, supporting both customer protection and the security research community," the spokesperson told the publication.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/they-mopped-the-floor-with-me-and-pulled-every-childish-game-they-could-disgruntled-researcher-releases-second-major-windows-zero-day-claims-microsoft-would-ruin-my-life-and-they-did
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)