---
title: "War with Microsoft: How the conflict with hacker Nightmare Eclipse led to a massive leak of Windows vulnerabilities"
description: "🚨 Microsoft is forced to urgently patch holes in Windows following a conflict with hacker Nightmare Eclipse. The researcher leaked exploits due to a contract breach, and now Defender and BitLocker protection are under attack. 🛑💻"
date: 2026-06-10T12:26:00.000Z
lang: en
url: https://xab.info/en/posts/war-with-microsoft-hacker-nightmare-eclipse-leak-of-windows-vulnerabilities
tags: []
publisher: "XAB.info"
---

# War with Microsoft: How the conflict with hacker Nightmare Eclipse led to a massive leak of Windows vulnerabilities

![Windows key on keyboard in context of vulnerability leak due to conflict with hacker Nightmare Eclipse](https://xab.info/media/2026/06/10/konflikt-s-microsoft-haker-nightmare-eclipse-sliv-uyazvimostey-windows/konflikt-s-microsoft-haker-nightmare-eclipse-sliv-uyazvimostey-windows-1.webp)

Microsoft's June security update was not just a routine release, but a reaction to a large-scale cyber conflict. Developers were forced to urgently fix two critical zero-day vulnerabilities that became public thanks to the actions of an independent researcher under the pseudonym Nightmare Eclipse. The situation escalated from technical to personal when the hacker accused the corporation of violating financial and legal obligations.

### Causes of the conflict: from bug bounty program to public leak

For several months, cyber researcher Nightmare Eclipse has been consistently publishing ready-made instructions and exploits (Proof-of-Concept) for hacking Windows online. According to him, this radical step was prompted by Microsoft violating agreements under the Bug Bounty program. The specialist described the situation as betrayal, stating that the company knew the consequences of its actions but still "stabbed him in the back," leaving him without a means of livelihood.

Initially, Microsoft took a hard line, publicly criticizing the hacker for "irresponsible" disclosure of information and hinting at a lawsuit. However, after a sharp reaction from the cyber community, the corporation stepped back and promised not to sue, focusing instead on eliminating threats.

### Critical vulnerabilities: GreenPlasma and MiniPlasma

In the latest update package, developers patched two issues that received zero-day status (vulnerabilities known before official protection was released):

    - **CVE-2026-45586 (GreenPlasma)**. This local privilege escalation bug was found in the Windows Collaborative Translation Framework. The error allowed attackers or malicious software with low privileges to completely bypass OS protection and gain maximum SYSTEM-level rights. Microsoft confirmed that the complexity of the attack is minimal and requires no user interaction.

    - **CVE-2020-17103 (MiniPlasma)**. Microsoft had already fixed this error six years ago. The reappearance of the bug indicates that developers accidentally reintroduced an old error into the code during the release of new Windows versions — a so-called code regression.

### Unfinished work: what remains unpatched

Despite the massive release, which closed about 200 different vulnerabilities in total, Microsoft has still not managed to eliminate all threats leaked by the hacker. In particular, the bug named **Yellow Key** remains without a full patch. It allows attackers to bypass full BitLocker disk encryption given physical access to the computer. Currently, the company has only published temporary manual instructions for protection.

The status of fixes for bugs **RedSun** (a vulnerability in Windows Defender antivirus) and **BlueHammer** also remains unknown.

### Escalation: new attack on Defender

The conflict is far from over. Alongside the release of Microsoft's June update package, hacker Nightmare Eclipse staged a new provocation — he published working exploit code for another fresh vulnerability targeting the built-in Windows Defender directly. This puts the security of millions of users whose systems rely on built-in protection at risk.