The Hacker News ·EN News source PoC public Chaotic Eclipse Nightmare-EclipseWindows User Profile Service (ProfSvc)SharePoint ServerActive Directory Federation Services
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
CVE Tools coverage
A security researcher known as Chaotic Eclipse has published a proof-of-concept (PoC) exploit for a new Windows elevation of privilege vulnerability dubbed LegacyHive. The flaw resides in the Windows User Profile Service and enables attackers to load arbitrary hive files, potentially escalating privileges. Notably, the exploit works across all supported desktop and server versions of Windows, even those updated with the July 2026 Patch Tuesday release. This follows ongoing tensions between the researcher and Microsoft over premature disclosures of other vulnerabilities.