A security researcher known as Chaotic Eclipse has disclosed two new zero-day exploits targeting Microsoft Windows. The first, dubbed "YellowKey," allows unauthorized access to BitLocker-encrypted drives by simply copying specific files to a USB stick and rebooting into the Windows Recovery Environment. This exploit bypasses the need for encryption keys and reportedly works even with TPM and PIN protections, raising significant security concerns for millions of users worldwide. The second exploit, "GreenPlasma," allegedly provides local privilege escalation to gain system-level access by manipulating system processes. AI
Summary written by gemini-2.5-flash-lite from 2 sources. How we write summaries →
IMPACT Security vulnerabilities in BitLocker and Windows could impact the integrity of data used in AI systems and operations.
RANK_REASON Disclosure of security vulnerabilities in widely used software.
