TL;DR
Microsoft banned researcher Nightmare-Eclipse's GitHub account after they published Windows zero-days; researcher claims unpaid bounties and promises July 14 retaliation.
Key Points
- Researcher published 6 Windows zero-days (BlueHammer, RedSun, UnDefend, GreenPlasma, MiniPlasma, YellowKey) with full/partial PoC code
- BlueHammer, RedSun, and UnDefend confirmed as actively exploited in the wild; the BitLocker vulnerability (YellowKey) allows access to encrypted drives
- Researcher claims Microsoft ignored reports, refused bounty payments up to $250K for Hyper-V exploits, deleted MSRC account
- July 14 (Patch Tuesday) threatened as date for additional zero-day releases; security expert criticizes Microsoft's MSRC downsizing
Why It Matters
This escalation highlights the breakdown in responsible disclosure practices when vendors mishandle researcher reports and bounties. For sysadmins and security teams, it signals that critical Windows vulnerabilities are being actively exploited in the wild with public PoCs available, requiring immediate patching strategies that do not depend on vendor responsiveness.
Source: www.tomshardware.com