Microsoft faces security community backlash over Nightmare Eclipse - Notebookcheck News
Microsoft's public threat to pursue criminal charges against the researcher behind six Windows zero-day disclosures has turned a vulnerability dispute into a full-scale backlash from the security community.
The researcher, known as Nightmare Eclipse, published weaponized proof-of-concept code for six Windows vulnerabilities between early April and mid-May 2026 without coordinating with Microsoft. Three flaws, BlueHammer, RedSun, and UnDefend, have been exploited in live attacks. YellowKey, GreenPlasma, and MiniPlasma remain unpatched.
Microsoft fires back
Microsoft published a formal blog post on May 28 describing the disclosures as "never justifiable" and warning its Digital Crimes Unit would pursue cases against anyone enabling criminal activity through exploit code. The company accused the researcher of bypassing coordinated vulnerability disclosure standards.
Nightmare Eclipse disputes this. The researcher claims Microsoft deleted the Security Response Center account used to file the original bug reports and refused further contact. "You literally deleted the Microsoft account I used to report bugs to you with, and I got zero pennies from doing so," the researcher wrote.
The community pushback
The security industry is not siding with Microsoft. Katie Moussouris, who pioneered bug bounty programs at Microsoft and coined the coordinated disclosure framework the company now invokes, publicly criticized the blog post on Bluesky. Invoking "responsible disclosure" was the first problem, she wrote. Adding a Digital Crimes Unit prosecution threat made it worse and would push researchers away from trusting Microsoft.
Kevin Beaumont, a former Microsoft security engineer, called the situation "a dumpster fire of their own making," noting that Microsoft previously hired SandboxEscaper after she published zero-day exploit code without warning, behaviour Redmond now describes as criminal.
What is still unpatched and what comes next
Nightmare Eclipse was banned from GitHub around May 23 and GitLab on May 26-27, and now publishes from a personal blog. A July 14 exploit release targeting July's Patch Tuesday remains a threat, with warnings of escalation to remote code execution vulnerabilities.
Administrators should treat YellowKey, GreenPlasma, and MiniPlasma as active risks. For YellowKey, Microsoft's mitigation requires manually editing the offline WinRE registry hive and stripping autofstx.exe from the BootExecute value.
A TPM+PIN pre-boot configuration cuts off the physical extraction route entirely. Defender Engine version 1.1.26040.8 or later handles RedSun and UnDefend, and that update should not wait for a scheduled maintenance window.
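A read-only audit of the three mitigations named above, as an added example that is not from the article or from Microsoft. It assumes the offline WinRE SYSTEM hive has already been loaded under the hypothetical name HKLM\WINRE_SYSTEM, that BootExecute sits in its usual Session Manager location, and that "TPM+PIN" refers to a BitLocker key protector.

```powershell
# Added example: read-only audit; it changes nothing. Run from an elevated prompt.
# Assumptions (not from the article): the offline WinRE SYSTEM hive is already
# loaded under HKLM\WINRE_SYSTEM (hypothetical name), BootExecute is at its
# usual Session Manager location, and "TPM+PIN" means a BitLocker protector.
param(
    [string]$HiveKey = 'HKLM:\WINRE_SYSTEM\ControlSet001\Control\Session Manager',
    [version]$MinEngine = '1.1.26040.8'   # minimum engine version given in the article
)

$report = [ordered]@{}

# 1. Defender engine version (RedSun / UnDefend coverage per the article).
try {
    $engine = [version](Get-MpComputerStatus -ErrorAction Stop).AMEngineVersion
    $report.EngineVersion = "$engine"
    $report.EngineOk      = $engine -ge $MinEngine
} catch {
    $report.EngineVersion = 'unavailable'
    $report.EngineOk      = $false
}

# 2. BootExecute (REG_MULTI_SZ) in the loaded WinRE hive: is an autofstx.exe entry left?
if (Test-Path -LiteralPath $HiveKey) {
    $prop    = Get-ItemProperty -LiteralPath $HiveKey -Name BootExecute -ErrorAction SilentlyContinue
    $entries = @($prop.BootExecute | Where-Object { $_ })
    $report.BootExecute   = $entries -join ' | '
    $report.BootExecuteOk = -not ($entries -match 'autofstx\.exe')
} else {
    $report.BootExecute   = "hive not loaded at $HiveKey"
    $report.BootExecuteOk = $null   # unknown, not a pass
}

# 3. TPM+PIN pre-boot protector on the system drive.
try {
    $vol   = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
    $types = @($vol.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
    $report.KeyProtectors = $types -join ', '
    $report.TpmPinOk      = $types -contains 'TpmPin'
} catch {
    $report.KeyProtectors = 'unavailable'
    $report.TpmPinOk      = $false
}

[pscustomobject]$report
```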
Source(s)
Microsoft Blog Post
The Register
The Record Media
The Barracuda Network
Microsoft Defender
Darryl Linington, 2026-05-30 (Update: 2026-05-30)