Particle.news

Microsoft Condemns Public Zero‑Day Dumps by Researcher

The dispute raises pressure to shorten coordinated disclosure windows and has triggered emergency Defender fixes, federal remediation orders, and repository takedowns.

Overview

  • Microsoft says a researcher publicly released six unpatched Windows flaws without prior notice and called the action irresponsible because it put customers at unnecessary risk.
  • The named flaws are RedSun, BlueHammer, YellowKey, UnDefend, GreenPlasma, and MiniPlasma. They target Microsoft Defender, BitLocker, and the Windows Cloud Filter driver, and several of them have been assigned CVE identifiers.
  • Microsoft reports its security teams are racing to build mitigations and patches while the public proof‑of‑concept code has been copied across code hosts, prompting GitHub and GitLab to remove the researcher’s accounts and uploads.
  • Security reporting links BlueHammer, RedSun, and UnDefend to active exploitation in the wild, and U.S. authorities have required federal agencies to apply emergency fixes and remediation steps.
  • The conflict highlights tension in coordinated vulnerability disclosure practices as AI speeds up discovery, raising questions about whether the traditional 90‑day embargo still gives vendors enough time to protect users.