Vulnerability | Bleeping Computer
7.8 — HIGH
CISA orders feds to patch BlueHammer flaw exploited as zero-day
CISA has ordered U.S. federal agencies to patch a Microsoft Defender privilege escalation flaw (dubbed BlueHammer) that has been exploited in zero-day attacks. [...]
🤖 AI Briefing: Auto-generated threat analysis
🔍Threat Overview
A zero-day vulnerability in Microsoft Defender (CVE-2026-33825) has been exploited by threat actors, with evidence of 'hands-on-keyboard' activity detected in attacks. CISA has ordered Federal Civilian Executive Branch agencies to patch their Windows systems within two weeks.
⚙️Technical Details
💥Impact Assessment
Severity: High
Who Is at Risk
Federal Civilian Executive Branch agencies with Windows systems
🛡️Recommended Actions
1. Apply mitigations per vendor instructions for Microsoft Defender
2. Follow applicable BOD 22-01 guidance for cloud services
3. Discontinue use of affected products if mitigations are unavailable
📦Affected Products
Microsoft Defender Antimalware Platform
Microsoft Windows 11 24H2
Microsoft Windows 11 25H2
Microsoft Windows Server 2025
🔐NVD Verified Data (VERIFIED)
CVE-2026-33825 (CVSS 7.8 — HIGH)
Attack Vector: LOCAL
Complexity: LOW
Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses: CWE-1220
Affected Products (CPE): Microsoft Defender Antimalware Platform
CVE-2025-60710 (CVSS 7.8 — HIGH)
Attack Vector: LOCAL
Complexity: LOW
Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses: CWE-59
Affected Products (CPE): Microsoft Windows 11 24H2, Microsoft Windows 11 25H2, Microsoft Windows Server 2025
This is a curated summary. The complete article is available at Bleeping Computer.
