Microsoft Patches Trio of Windows Zero-Days Exploited by Nightmare Eclipse

1 min read
Source: BleepingComputer
Microsoft Patches Trio of Windows Zero-Days Exploited by Nightmare Eclipse
Photo: BleepingComputer
TL;DR Summary

Microsoft released June 2026 Patch Tuesday fixes for three Windows zero-days—GreenPlasma and MiniPlasma privilege-escalation flaws in the Collaborative Translation Framework and Cloud Files Mini Filter Driver, and YellowKey in WinRE—that could allow attackers to gain SYSTEM-level access or bypass BitLocker on patched Windows 11 and Windows Server 2022/2025 systems. The flaws were disclosed by Nightmare Eclipse in protest of MSRC handling, continuing a series of leaks and PoCs (BlueHammer, RedSun, UnDefend, RoguePlanet). Microsoft provided mitigations and warned about PoC disclosures, while saying it would coordinate with law enforcement if needed.

Share this article

Reading Insights

Total Reads

0

Unique Readers

20

Time Saved

3 min

vs 4 min read

Condensed

86%

62190 words

Want the full story? Read the original article

Read on BleepingComputer