An anonymous security researchers known as Nightmare-Eclipse has published two more Windows zero-day exploits, YellowKey and GreenPlasma, after already publishing 3 earlier this year.
Makes you wonder if that’s why they’ve been trying so hard to get everyone on Windows 11. I didn’t do it. I stayed with 10 although I don’t use it. Instead, I run Kubuntu on an external SSD
Some sources say this only attacks the default bitlocker setting (TPM only) and not TPM + pin or TPM + pin + security key.
TPM only wasn’t really that secure in most cases anyway, since it was vulnerable to TPM sniffing attacks.
If anyone has further info on which modes are vulnerable that would be helpful.
Wonder if this applies to Windows 10.
They say it doesn’t work on windows 10 on the YellowKey GitHub page.
“No, TPM+PIN does not help, the issue is still exploitable regardless, I asked myself this question, can it still work in a TPM+PIN environment ? Yes it does, I’m just not publishing the PoC, I think what’s out there is already bad enough.”
I’ve never used BitLocker, but it seems unlikely that the exploit would succeed when a TPM and PIN are enabled.
If it’s not bullshit I’d be very excited to see how it works, I hope they reveal it soon.
If it’s real my best guess is that it depends on rebooting a system that was already unlocked with a PIN, leaving some crucial information still in memory or the TPM still in an open state.