New BitLocker Zero-Days Bypass Encryption and Escalate Privileges on Windows

Two new unpatched Windows BitLocker zero-days, YellowKey (encryption bypass) and GreenPlasma (privilege escalation), were disclosed after Patch Tuesday, leaving Windows 11 and Windows Server 2022/2025 exposed. YellowKey exploits the Windows Recovery Environment (WinRE) to bypass full-disk encryption, giving an attacker with physical access full access to the system drive. GreenPlasma could allow unauthorized commands through arbitrary memory-section creation, enabling persistence and potential kernel-level access. There is no official patch yet; mitigations include enabling a BitLocker PIN, enforcing robust BIOS passwords, guarding WinRE against tampering, and restricting physical access until Microsoft releases fixes. Windows 10 is not affected.
- Windows BitLocker 0-Day Vulnerability Enables Access to Encrypted Drives (CyberSecurityNews)
- Zero-day exploit completely defeats default Windows 11 BitLocker protections (Ars Technica)
- Microsoft Windows Alert—Angry Hacker Drops 2 New Zero-Day Exploits (Forbes)
- Mystery Microsoft bug leaker keeps the zero-days coming (The Register)
- Disgruntled researcher strikes Microsoft again: drops BitLocker bypass and privilege escalation zero-days (Cybernews)