Researcher publishes proof-of-concept exploits for unpatched Windows vulnerabilities

May 14, 2026
By SC Staff

A cybersecurity researcher has released proof-of-concept exploits for two unpatched Microsoft Windows vulnerabilities, YellowKey and GreenPlasma, which allow for BitLocker bypass and privilege escalation, respectively. The researcher, known as Chaotic Eclipse or Nightmare Eclipse, stated that the decision to publicly disclose these flaws stems from dissatisfaction with Microsoft's handling of bug reports, as reported by Bleeping Computer.

The YellowKey exploit targets BitLocker, a drive encryption feature in Windows 11 and Windows Server 2022/2025. It functions by placing specially crafted files in the Windows Recovery Environment (WinRE) to trigger a command shell, granting unrestricted access to BitLocker-protected drives. While it does not affect TPM+PIN configurations, it can bypass TPM-only BitLocker.

GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to create arbitrary memory-section objects, potentially enabling manipulation of privileged services or drivers. While the provided proof-of-concept is incomplete, it hints at the possibility of achieving full SYSTEM privileges.

These disclosures follow previous leaks of BlueHammer and RedSun zero-day exploits, with the researcher promising further revelations. Microsoft has stated its commitment to investigating and addressing reported security issues.

Source: Bleeping Computer
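
An added example, not part of the original article or the researcher's code: a PowerShell audit that sorts BitLocker volumes by the TPM-only versus TPM+PIN distinction the article draws for YellowKey. The function names and the sample volumes are constructed for illustration; on a real host the input would come from `Get-BitLockerVolume` in an elevated session.

```powershell
# Added example: classify BitLocker volumes by protector type.
# Get-BitLockerPreBootExposure is a hypothetical helper name; it accepts objects
# shaped like Get-BitLockerVolume output (MountPoint, ProtectionStatus, KeyProtector).
function Get-BitLockerPreBootExposure {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Volume
    )
    process {
        # Protector type names; the enum values stringify to e.g. 'Tpm', 'TpmPin'.
        $types = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        $hasPin = @($types | Where-Object { $_ -in 'TpmPin', 'TpmPinStartupKey' }).Count -gt 0
        $finding = if ("$($Volume.ProtectionStatus)" -ne 'On') {
            'Protection is off: volume is not currently protected'
        } elseif ($types -contains 'Tpm') {
            'TPM-only: configuration the article says can be bypassed'
        } elseif ($hasPin) {
            'TPM+PIN: configuration the article says is not affected'
        } else {
            'Other protectors: not covered by the article, review manually'
        }
        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            VolumeType = "$($Volume.VolumeType)"
            Protectors = $types -join ','
            Finding    = $finding
        }
    }
}

# Constructed sample volumes so the function can be exercised offline.
function New-SampleVolume($Mount, $Type, $Status, [string[]]$Protectors) {
    [pscustomobject]@{
        MountPoint       = $Mount
        VolumeType       = $Type
        ProtectionStatus = $Status
        KeyProtector     = @($Protectors | ForEach-Object { [pscustomobject]@{ KeyProtectorType = $_ } })
    }
}
$sample = @(
    New-SampleVolume 'C:' 'OperatingSystem' 'On'  @('Tpm', 'RecoveryPassword')
    New-SampleVolume 'D:' 'OperatingSystem' 'On'  @('TpmPin', 'RecoveryPassword')
    New-SampleVolume 'E:' 'Data'            'On'  @('Password', 'RecoveryPassword')
    New-SampleVolume 'F:' 'Data'            'Off' @()
)
$sample | Get-BitLockerPreBootExposure | Format-Table -AutoSize
# On a real host, from an elevated session:
#   Get-BitLockerVolume | Get-BitLockerPreBootExposure
```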