"Soon after Microsoft released a May security update with no zero-days listed, an anonymous security researcher published proof-of-concept details for two unpatched Windows vulnerabilities. The bugs, dubbed YellowKey and GreenPlasma, could allow attackers to bypass BitLocker protections under specific recovery conditions or escalate local privileges to SYSTEM-level access."
"BitLocker is Microsoft's default full-disk encryption system. While other third-party disk encryption solutions exist, BitLocker leverages Windows' underlying cryptographic features to encrypt specific parts of Windows computers. It not only prevents unauthorized users from writing to a disk but also prevents them from reading its contents."
"Its encryption goes beyond read/write protections when the computer is running. BitLocker can rely on the Trusted Platform Module (TPM) chip to automatically unlock a device during boot. This effectively prevents a malicious user from loading the hard drive of an encrypted disk onto another computer."
"researcher Chaotic Eclipse has found and disclosed a bug that can allow threat actors to bypass BitLocker protection by abusing Windows Recovery Environment (WinRE) and the Windows Recovery boot flow. It works by inserting a USB stick with specially c"
Two proof-of-concept details were published for unpatched Windows vulnerabilities after Microsoft’s May Patch Tuesday update. YellowKey targets BitLocker by abusing the Windows Recovery Environment and the Windows recovery boot flow under specific recovery conditions, enabling attackers to bypass BitLocker protections. GreenPlasma targets local privilege controls, enabling escalation to SYSTEM-level access. The vulnerabilities show that a clean Patch Tuesday does not guarantee closure of every serious bug. BitLocker is described as Microsoft’s full-disk encryption system that uses Windows cryptographic features and can rely on a TPM chip to unlock during boot, preventing unauthorized access when disks are moved to other computers.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]