Nightmare-Eclipse Drops Another BitLocker Bypass After YellowKey Patch

Cybersecurity researcher and current Microsoft nemesis, Nightmare-Eclipse, has released a new pair of zero-day Windows exploits following this week's Patch Tuesday, which had patched the last of Eclipse's initial six zero-days.

The new exploits are called "RoguePlanet," which corresponds to a Windows Defender vulnerability, and "GreatXML," which corresponds to a BitLocker bypass vulnerability. Compared with the last six exploits, though, these two seem a little less severe, despite all of the media attention.

RoguePlanet relies on a race condition in Windows. Even according to Nightmare-Eclipse, "it's a hit or miss," with a success rate that varies between machines, and it is limited to Windows 11 and Windows 10. Nightmare-Eclipse believes that the vulnerability could be used against Windows Server, but that the exploit would need to be redesigned to do so.

In any case, RoguePlanet shouldn't be ignored--if successful, the exploit spawns a System CMD shell with full administrator rights that would...

Copyright of this story solely belongs to hothardware.com.