Zero-Day Exploit Completely Defeats Default Windows 11 BitLocker Protections
The researcher said the flaws affect Windows 11 and Windows Server 2022/2025 and can expose a SYSTEM shell, Kevin Beaumont confirmed.
- A security researcher known as Chaotic Eclipse published proof-of-concept exploits for two unpatched Microsoft Windows vulnerabilities: the YellowKey BitLocker bypass and the GreenPlasma privilege-escalation flaw.
- YellowKey allows unauthorized access to BitLocker-protected drives on Windows 11 and Windows Server 2022/2025, while GreenPlasma is an elevation-of-privilege vulnerability that could grant attackers SYSTEM permissions.
- Researcher Dormann explained that YellowKey exploits NTFS transactions via the Windows Recovery image to launch a CMD.EXE shell; independent security researcher Kevin Beaumont confirmed the exploit as a valid BitLocker backdoor.
- Microsoft issued a statement to BleepingComputer promising to investigate reported security issues and "update impacted devices to protect customers as soon as possible."
- These latest zero-day flaws follow the researcher's previous disclosures of the BlueHammer and RedSun local privilege escalation exploits, both of which began seeing exploitation in the wild shortly after public disclosure.
17 Articles
Zero-day exploit completely defeats default Windows 11 BitLocker protections
A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds. The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make …
BitLocker is a crucial tool for data security, but it now faces new threats. In this article, we'll review the new vulnerability that threatens Windows 11 users. Summary: BitLocker contains a new, previously unknown vulnerability that allows attackers to gain full access to the file system. An attacker with physical access can use a USB drive and WinRE to bypass recovery and open a command-line window. Enable a BitLocker PIN, a strong password, …
Windows BitLocker zero-day gives access to protected drives, PoC released
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privilege-escalation flaw.
Exposed: The Alarming YellowKey GreenPlasma Zero-Days Threatening Windows Millions
In a shocking turn of events that has sent ripples throughout the cybersecurity community, a security researcher going by the names Chaotic Eclipse and Nightmare Eclipse has publicly disclosed two zero-day vulnerabilities in Windows 11. This revelation took place earlier this week, on Tuesday, and has raised urgent concerns regarding the effectiveness of core Windows security features. The two exploits, dubbed YellowKey and GreenPlasma, are part…
Recent flaws reported by the researcher Chaotic Eclipse have again put Microsoft's encryption system under heavy pressure. The exploits, dubbed YellowKey and GreenPlasma, show how internal Windows mechanisms can be exploited to compromise the security of BitLocker, a widely used solution to protect data on corporate notebooks and corporate desktops. Proof-of-concept code published in recent weeks has drawn the attention of the cybersecurity community…
Coverage Details
Bias Distribution
- 75% of the sources are Center