Rogue researcher unleashes BitLocker bypass and SYSTEM-level Windows zero-days after Patch Tuesday
TL;DR Summary
After Patch Tuesday, a rogue researcher released a third wave of Windows zero-days, including a BitLocker bypass dubbed 'Yellow key' and a privilege-escalation called 'GreenPlasma' that could grant SYSTEM-level access; the flaws affect Windows 11, Windows Server 2022, and Windows Server 2025, with Windows 10 reportedly unaffected. The exploits are publicly available on GitHub, and the researcher frames the disclosures as a backdoor-style challenge and warns of additional releases.
- Disgruntled researcher strikes Microsoft again: drops BitLocker bypass and privilege escalation zero-days Cybernews
- Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation The Hacker News
- Mystery Microsoft bug leaker keeps the zero-days coming The Register
- Researcher Drops YellowKey, GreenPlasma Windows Zero-Days SecurityWeek
- A new Windows 11 BitLocker bypass only needs a USB stick, and the researcher thinks it's a backdoor XDA
Reading Insights
Total Reads
0
Unique Readers
11
Time Saved
4 min
vs 5 min read
Condensed
92%
837 → 69 words
Want the full story? Read the original article
Read on Cybernews