Summary

A researcher released two unpatched zero-day vulnerabilities, YellowKey and GreenPlasma, which allow attackers to bypass BitLocker encryption with physical access to the devices and escalate system privileges on Windows 11 and Server environments.

Take Action:

If you use Windows 11 or Windows Server 2022/2025, set a custom BitLocker PIN and a strong BIOS password to block unauthorized booting from USB or external media. Educate users to limit physical access to their devices until Microsoft releases official fixes.

Read the full article on BeyondMachines

This article was originally published on BeyondMachines