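IT之家 (ITHome), April 17: The three Windows zero-day vulnerabilities affecting Microsoft that were publicly disclosed earlier this month have now all been used by attackers in real-world attacks. Two of them involve local privilege escalation in Microsoft Defender, and the third can block Defender virus definition updates, but so far only BlueHammer has been fixed. Security researchers at Huntress Labs reported on April 16 local time that they had observed signs of all three zero-days being exploited. Among them, BlueH ...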
Three Defender zero-days exploited since April 10, 2026, enabling privilege escalation and DoS, forcing isolation of affected ...
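Microsoft regularly updates its malware definitions and the underlying platform to respond to new threats. The default configuration in most enterprise environments and for home users downloads and installs these critical updates automatically. The vulnerability affects versions 4.18.26020.6 and earlier and is fully fixed in version 4.18.26030.3011. Organizations and individual users should manually verify their update status to ensure full ...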
Although the team at Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...
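A security researcher using the pseudonym "Chaotic Eclipse" has publicly released proof-of-concept (PoC) exploit code targeting a Microsoft Defender vulnerability. Public releases of this kind greatly shorten the time security teams have to protect systems before malicious actors weaponize the code.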
Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...
A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...
Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.
The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising hundreds of organizations daily.
The vulnerability was revealed by a disgruntled researcher.
A security researcher known as Chaotic Eclipse recently disclosed a vulnerability dubbed "Red Sun" affecting Microsoft ...