All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Microsoft threatens legal action over unpatched Windows zero-day disclosures

By

Daniel AJ Sokolov

2d ago· 4 min readenNews
Bagel score 85 of 100
85/100
Golden Brown
Bagelometer

A baker's-dozen of insight crammed into one ring.

Score85TypenewsSentimentnegative

Summary

Microsoft is threatening legal action against security researchers who publicly disclose unpatched Windows zero-day vulnerabilities. The company's Security Response Center (MSRC) expressed frustration over not being notified about vulnerabilities like RedSun, UnDefend, and BlueHammer before they were published and exploited. The discoverer of these Windows vulnerabilities denies the accusations, creating a conflict between responsible disclosure practices and public security research.

Key quotes

· 3 pulled
Microsoft disapproves of this. The company is threatening lawsuits and the police.
The discoverer of the Windows vulnerabilities denies the accusations.
In a blog post, the Microsoft Security Response Center (MSRC) expresses annoyance that it was not informed about the security vulnerabilities
Snippet from the RSS feed
Microsoft is struggling with published evidence of unpatched security vulnerabilities. The company is now threatening legal action.

You might also wanna read

Anonymous researcher releases two new Windows zero-day exploits after Patch Tuesday

An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker

theregister.com·3d ago

Security researcher publishes YellowKey zero-day exploit that bypasses Microsoft BitLocker encryption via USB stick

Security researcher Chaotic Eclipse (Nightmare-Eclipse) has published two new zero-day exploits targeting Microsoft systems after their prev

tomshardware.com·17d ago

CVE-2025-53136: Microsoft Patches Windows Kernel Information Disclosure Vulnerability Bypassing KASLR

Microsoft patched CVE-2025-53136, a kernel information disclosure vulnerability in Windows NT OS Kernel that allowed leaking kernel base add

crowdfense.com·8mo ago

Critical Misconfiguration in Microsoft's Internal Applications Exposes Sensitive Data

The article details a security researcher's discovery of a critical misconfiguration in Microsoft's internal applications, which allowed una

research.eye.security·9mo ago

Windows Defender Vulnerability Allows Malicious File Persistence Through Cloud Tag Detection

The article describes a GitHub repository called 'RedSun' that documents a Windows Defender vulnerability. The vulnerability involves Window

github.com·1mo ago

Microsoft's Role in NPM Supply Chain Security Risks and Historical Parallels

The article criticizes Microsoft as a "bad actor" and threat to software development companies, drawing parallels between current NPM supply

tane.dev·8mo ago