A security researcher known as Chaotic Eclipse has disclosed two new zero-day exploits targeting Microsoft Windows. The first, dubbed "YellowKey," allows unauthorized access to BitLocker-encrypted drives by simply copying specific files to a USB stick and rebooting into the Windows Recovery Environment. This exploit bypasses the need for encryption keys and reportedly works even with TPM and PIN protections, raising significant security concerns for millions of users worldwide. The second exploit, "GreenPlasma," allegedly provides local privilege escalation to gain system-level access by manipulating system processes. AI
影响 Security vulnerabilities in BitLocker and Windows could impact the integrity of data used in AI systems and operations.
排序理由 Disclosure of security vulnerabilities in widely used software.
- BitLocker
- Chaotic Eclipse
- GreenPlasma
- Microsoft
- Windows
- TPM
- Windows Recovery Environment
- Windows Server 2022
- Windows Server 2025
- YellowKey
- Tom's Hardware
AI 生成摘要 · Google Gemini · 来自 2 个来源。 我们如何撰写摘要 →
