


Perceptive Security
SOC/SIEM Consultancy

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
Published:
16 April 2026 at 20:19:31
Alert date:
16 April 2026 at 21:01:18
Source:
bleepingcomputer.com
Zero-Day Vulnerabilities, Security Tools, Operating Systems
Cybersecurity researcher 'Chaotic Eclipse' has published a proof-of-concept exploit for 'RedSun', the second Microsoft Defender zero-day vulnerability the researcher has disclosed within two weeks. The exploit grants SYSTEM privileges on affected systems. The disclosure appears to be a protest against Microsoft's handling of cybersecurity research and researcher relations. The vulnerability is a significant privilege escalation flaw in Microsoft's primary endpoint security solution. Two zero-days from the same researcher in such a short timeframe indicate ongoing tensions between security researchers and Microsoft's vulnerability disclosure process.
Technical details
Affected products:
Microsoft Defender
This article was created with the assistance of AI technology by Perceptive.
