A security researcher known as Chaotic Eclipse has disclosed two new zero-day exploits targeting Microsoft Windows. The first, dubbed "YellowKey," allows unauthorized access to BitLocker-encrypted drives by simply copying specific files to a USB stick and rebooting into the Windows Recovery Environment. This exploit reportedly bypasses BitLocker's security measures, even with TPM and PIN configurations, and its files self-delete after execution, raising concerns about a potential backdoor. The second exploit, "GreenPlasma," allegedly provides local privilege escalation to system-level access by manipulating system processes. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT Security vulnerabilities in widely used operating systems and encryption tools can impact enterprise AI deployments and data security.
RANK_REASON Disclosure of security vulnerabilities in a widely used product.
