Windows BitLocker zero-day gives access to protected drives, PoC released

A researcher known as Chaotic Eclipse or Nightmare Eclipse has released proof-of-concept exploits for two unpatched Windows flaws: YellowKey, a BitLocker bypass, and GreenPlasma, a privilege-escalation flaw. The leaks follow earlier disclosures of BlueHammer and RedSun, and the researcher says more Windows exploit releases may come before the next Patch Tuesday.

Key points

  • YellowKey is a BitLocker bypass affecting Windows 11 and Windows Server 2022/2025.
  • The exploit abuses WinRE and NTFS transaction handling to spawn a shell with access to encrypted data.
  • GreenPlasma is a Windows privilege-escalation flaw that may lead to SYSTEM-level access.
  • The GreenPlasma PoC is incomplete, but it shows a path toward full privilege escalation.
  • Chaotic Eclipse says more exploit leaks are coming, including a possible surprise for Microsoft’s next Patch Tuesday.

Read More: https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/