A security researcher going by the name Nightmare Eclipse has published two new zero-day exploits targeting Windows, according to Tom's Hardware. The exploits, dubbed RoguePlanet and GreatXML, are described as local privilege escalation (LPE) attacks — a class of vulnerability that allows someone who already has a foothold on a machine to gain higher-level system access than they're supposed to have.
The publication continues what Tom's Hardware describes as the researcher's ongoing "vendetta" against Microsoft. Nightmare Eclipse has apparently developed a pattern of hunting down Windows vulnerabilities and releasing them publicly, putting pressure on Microsoft to respond.
A zero-day exploit is particularly significant because it refers to a vulnerability that has no official patch available at the time of disclosure. That means any Windows user could be at risk until Microsoft issues a fix — and attackers who learn of the exploits could potentially weaponize them before a patch arrives.
Local privilege escalation flaws are a critical piece of many real-world cyberattacks: while they typically require an attacker to already be present on a system, they're often the step that turns a limited intrusion into a full system compromise.
Microsoft has not yet publicly responded to the new disclosures, according to the Tom's Hardware report.
This matters because zero-day LPE vulnerabilities are a favored tool of ransomware gangs, nation-state hackers, and corporate espionage actors — and public releases raise the stakes by handing a potential weapon to anyone who goes looking.