Researcher Drops YellowKey, GreenPlasma Windows Zero-Days
Overview
A security researcher has disclosed two serious vulnerabilities in Windows, known as YellowKey and GreenPlasma. YellowKey is a BitLocker bypass that allows unauthorized access to encrypted drives, but it requires physical access to the device. GreenPlasma, on the other hand, enables attackers to elevate their privileges to System level, potentially giving them full control over the affected system. These vulnerabilities pose a significant risk to users and organizations that rely on Windows for sensitive tasks. Companies should assess their physical security measures and apply necessary updates to protect against these risks.
Key Takeaways
- Affected Systems: Windows operating systems with BitLocker enabled
- Action Required: Users should implement physical security measures and monitor for updates from Microsoft regarding these vulnerabilities.
- Timeline: Newly disclosed
Original Article Summary
YellowKey is a BitLocker bypass that requires physical access. GreenPlasma enables elevation of privileges to System. The post Researcher Drops YellowKey, GreenPlasma Windows Zero-Days appeared first on SecurityWeek.
Impact
Windows operating systems with BitLocker enabled
Exploitation Status
The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.
Timeline
Newly disclosed
Remediation
Users should implement physical security measures and monitor for updates from Microsoft regarding these vulnerabilities.
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to Windows, Zero-day, Microsoft.