BlueHammer abuses Windows Defender's update process to gain SYSTEM access
Summary
A security news piece about a Windows Defender zero-day called BlueHammer that chains legitimate Windows components to escalate from a standard user to SYSTEM. It describes the high-level attack chain, the existence of a public PoC, and the lack of a patch, with suggested mitigations for defenders. The article emphasizes defense and monitoring for SMBs.