Anonymous researcher Nightmare-Eclipse dropped two more Windows zero-days (YellowKey and GreenPlasma) the day after Patch Tuesday, for a total of five released this year.
Key Takeaways
YellowKey bypasses BitLocker via a USB key sequence, granting unrestricted shell access; it is mitigated by setting a BitLocker PIN plus a BIOS password lock.
GreenPlasma is a privilege escalation flaw that gives SYSTEM access; there is currently no known mitigation. It triggers a UAC prompt, so the silent exploit is unfinished.
Earlier drops RedSun and UnDefend were weaponized in real-world attacks within days of PoC release, per Huntress.
The researcher claims to have a dead man’s switch with more vulnerabilities ready, including hinted RCE disclosures targeting future Patch Tuesdays.
Forescout VP Rik Ferguson: if YellowKey holds up, a stolen laptop becomes a breach notification event, not just a hardware loss.