## Researcher Publishes YellowKey BitLocker Bypass and GreenPlasma System-Level Exploit for Windows
A security researcher has publicly released two Windows zero-day vulnerabilities—one targeting BitLocker encryption and another enabling full System-level privilege escalation—raising fresh concerns over enterprise endpoint security.

The first exploit, dubbed YellowKey, provides a method to bypass BitLocker drive encryption. Unlike software-based attacks, YellowKey requires physical access to the targeted machine, suggesting the attack vector is most relevant in scenarios involving stolen or unattended devices. The second vulnerability, GreenPlasma, goes further by allowing an authenticated attacker to escalate privileges directly to System level—the highest trust tier in Windows. System-level access grants an actor near-complete control over the operating system, effectively bypassing most integrity controls.

Both exploits appear to target Windows environments without requiring elaborate setup or pre-existing persistence mechanisms. The dual release signals a notable development in the public vulnerability landscape, particularly for organizations that rely on BitLocker as a primary data-at-rest protection layer. Security teams now face the challenge of assessing whether these proof-of-concept tools can be weaponized in live attacks, especially in high-privilege environments or hybrid infrastructure where physical security controls may be inconsistent. Mitigation guidance and patching status from Microsoft remained pending at the time of publication.

---
- **Source**: SecurityWeek RSS
- **Sector**: The Lab
- **Tags**: windows, zero-day, bitlocker, privilege-escalation, cybersecurity
- **Credibility**: unverified
- **Published**: 2026-05-15 00:18:18
- **ID**: 83237
- **URL**: https://whisperx.ai/en/intel/83237