Six Microsoft Defender Zero-Days in 90 Days: BlueHammer, RedSun, UnDefend, GreenPlasma, YellowKey, RoguePlanet — Three Exploited Before Patches, One Still Open Today
One researcher. Six Microsoft Defender zero-days in 90 days. Three confirmed exploited in the wild before patches existed. One — RoguePlanet — still unpatched on every Windows 10 and Windows 11 device today. The Chaotic Eclipse / Nightmare Eclipse disclosure campaign began after a disputed Microsoft MSRC interaction, escalated when Microsoft threatened legal action and took down the researcher’s GitHub account, and has produced a cascade of SYSTEM-level exploits that the entire security community has condemned Microsoft for mishandling.
