Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
A new Windows zero-day exploit dubbed LegacyHive has emerged immediately following Microsoft's record-breaking Patch Tuesday.
Velocity
How fast coverage is spreading — measured hourly from article rate × source diversity. How this works →
The brief
A researcher known as Chaotic Eclipse, also referred to as Nightmare Eclipse, has released a proof-of-concept for a new Windows flaw called LegacyHive. The exploit reportedly affects systems that are fully patched and may allow for privilege escalation.
Coverage from Ars Technica and The Hacker News highlights the timing of the release, which occurred hours after Microsoft issued a record number of patches. The Register describes the exploit as "bone-shattering" but suggests it may not be as impactful as promised.
Future developments depend on the actual efficacy of the LegacyHive exploit. Coverage from Security Affairs and Cybernews indicates the flaw is the ninth Windows vulnerability associated with this researcher.
Synthesized by Archynetys from the headlines below under a strict no-invention contract. ✓ fact-checked: all claims supported by sources Updated 41m ago.
Quick answers
What is LegacyHive?
LegacyHive is a Windows zero-day exploit that potentially allows for privilege escalation.
Who released the exploit?
The exploit was unveiled by a researcher identified as Chaotic Eclipse, also known as Nightmare Eclipse.
Does patching protect against this flaw?
According to Security Affairs, the exploit affects systems that are fully patched.
Coverage (5)
- Chaotic Eclipse Unveils LegacyHive Exploit Affecting Fully Patched Windows Systems Security Affairs · 12h ago
- Nightmare Eclipse returns with ninth Windows flaw: potential privilege escalation Cybernews · 12h ago
- Windows 0-day drops the same day Microsoft releases record number of patches Ars Technica · 12h ago
- LegacyHive: 'Bone-shattering' zero-day from Microsoft's serial tormentor not the haymaker that was promised The Register · 12h ago
- Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday The Hacker News · 12h ago
Topics
Related trends
Dell PCs are shutting down after Windows 11’s July update, Microsoft admits and blocks it
Microsoft has blocked the July Windows 11 update for certain Dell devices following reports of random shutdowns and overheating.
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
SonicWall has issued an urgent warning after two zero-day vulnerabilities in SMA1000 series appliances were exploited in active attacks.
PowerWash Simulator gets big discount as it leaves Xbox Game Pass
Xbox Game Pass is seeing unexpected lineup shifts involving PowerWash Simulator and Tony Hawk’s Pro Skater 1+2.
Microsoft keeps proving you own NOTHING with them
Users are reporting the permanent loss of decades of digital content and gaming libraries following account deletions by Microsoft.
Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
A long-standing vulnerability in Microsoft-signed UEFI shims has left Secure Boot susceptible to bypasses for a decade.
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Microsoft's July 2026 Patch Tuesday addresses a record-breaking 570 flaws, including three zero-day vulnerabilities.