A cybersecurity researcher has released proof-of-concept exploits for two unpatched Microsoft Windows vulnerabilities, YellowKey and GreenPlasma, which allow for BitLocker bypass and privilege escalation, respectively. The researcher, known as Chaotic Eclipse or Nightmare Eclipse, stated that the decision to publicly disclose these flaws stems from dissatisfaction with Microsoft's handling of bug reports, as reported by Bleeping Computer.The YellowKey exploit targets BitLocker, a drive encryption feature in Windows 11 and Windows Server 2022/2025. It functions by placing specially crafted files in the Windows Recovery Environment (WinRE) to trigger a command shell, granting unrestricted access to BitLocker-protected drives. While it does not affect TPM+PIN configurations, it can bypass TPM-only BitLocker.GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to create arbitrary memory-section objects, potentially enabling manipulation of privileged services or drivers. While the provided proof-of-concept is incomplete, it hints at the possibility of achieving full SYSTEM privileges.These disclosures follow previous leaks of BlueHammer and RedSun zero-day exploits, with the researcher promising further revelations. Microsoft has stated its commitment to investigating and addressing reported security issues.Source: Bleeping Computer
Vulnerability Management
Researcher publishes proof-of-concept exploits for unpatched Windows vulnerabilities

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



