Nightmare Eclipse has released another Windows zero-day, LegacyHive, a local privilege escalation flaw in the Windows User Profile Service that can let an attacker load other users’ hives, including administrator hives. The researcher also shared a stripped proof-of-concept that works on systems with Microsoft’s July 2026 patches, while Microsoft has not yet acknowledged the issue. #NightmareEclipse #ChaoticEclipse #LegacyHive #WindowsUserProfileService
Keypoints
- Nightmare Eclipse released a new Windows zero-day called LegacyHive.
- LegacyHive is a local privilege escalation flaw in the Windows User Profile Service.
- The exploit can load other users’ hives, including administrator hives.
- A stripped proof-of-concept was released to reduce in-the-wild abuse.
- Microsoft has not yet publicly acknowledged the LegacyHive vulnerability.
Read More: https://www.securityweek.com/nightmare-eclipse-drops-legacyhive-windows-zero-day/