ACCORDING to Forbes, the piece reports that BlueHammer is involved in a zero-day Windows exploit drop, with a security researcher releasing the exploit code rather than a patch appearing. The article states there is no patch available, and the researcher is laying the blame at the door of the Microsoft Security Response Center.
Chaotic Eclipse, posting under a pseudonym, claimed: “I was not bluffing Microsoft, and I’m doing it again,” and linked to a GitHub repository containing the BlueHammer exploit code for a zero-day Windows vulnerability. It notes that the exploit code is publicly accessible via that repository, and that the incident has prompted widespread attention among Microsoft users.
The report contrasts this with typical zero-day disclosures where either attacks are already underway or patches are released after vendor notification. Read more at Forbes.