Microsoft's Worst 'Nightmare' Unleashes BitLocker Bypass 0-Day

Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day

Nightmare Eclipse, the prolific zero-day vulnerability hunter with an axe to grind against Microsoft, released yet another exploit late Wednesday that the researcher claims will spawn a command prompt that provides total access to the BitLocker volume. This bug, called GreatXML, was “an accidental discovery,” according to the researcher, who said it only took four hours to find. They claim this exploit (published on GitHub and Git-based code-hos…

GreatXML zero-day BitLocker bypass doesn’t seem to work, yet

“If Defender offline scan was initiated in the victim machine at any point then there is no need to login, the machine is automatically vulnerable,” the researcher, who goes online by the name Nightmare Eclipse or Chaotic Eclipse, said in the exploit notes. “If Defender offline scan was never initiated then you have to either login and initiate it yourself or figure out a way to boot into WinRE in offline scan state (I believe it should be very …

Microsoft's bug-hunting nemesis extends vendetta with more zero-day attacks — Nightmare Eclipse publishes RoguePlanet and GreatXML local privilege escalation exploits

Nightmare-Eclipse's vendetta against Microsoft and Windows continues apace — researcher publishes RoguePlanet and GreatXML local privilege escalation zero-day exploits

GreatXML Windows Zero-Day Turns Defender Offline Scan Into a BitLocker Backdoor

The post-compromise technique abuses Windows Recovery Environment to create persistent access to BitLocker-encrypted data, with no patch currently available.According to the Cyderes Howler Cell team, a newly disclosed Windows zero-day called GreatXML can turn Microsoft Defender’s offline scanning process into a pathway for accessing BitLocker-encrypted data without a recovery key or user credentials.The technique targets the interaction between …

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files

Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. "This was an accidental discovery, it took a total of 4 hours to find this," the researcher said in a post on Blogger. "If you ever attempted to use Windows Defender Offline Scan, you're