Summary
A security researcher leaked the 'BlueHammer' zero-day exploit for Windows, which allows local attackers to gain SYSTEM privileges by exploiting a race condition in system update workflows. The flaw remains unpatched as of 11 April 2026 and affects fully patched Windows 11 systems.
Take Action:
Be aware that a Windows zero-day called "BlueHammer" has been publicly leaked and is unpatched. It lets any standard user escalate to full SYSTEM privileges on fully patched Windows 11 and Server systems. Until it is patched, be very cautious about opening new files received by email or downloaded. System admins should monitor for unusual Volume Shadow Copy activity and unexpected service starts from low-privileged accounts. Don't delay the next Windows patches.
This article was originally published on BeyondMachines