The author of the BlueHammer exploit , which was released earlier this month and addressed in the last Patch Tuesday, continues to be annoyed with the responses from the Microsoft security research and vulnerability response team, and has released another Windows zero-day attack against Windows Defender. The RedSun exploit targets a logic and timing error in Windows Defender, convincing it to  install  the target file in the system, instead of  quarantining  the file and protecting the system. Not, generally, what you would hope would happen. Since the RedSun attack requires local access in the first place, it seems unlikely Microsoft will release an out-of-sequence patch for it, however with public code available, we can probably expect to see malware leveraging it to establish higher permissions on an infected system. Releasing exploits out of spite feels like a return to the late 1990s, and I almost don’t hate it.…