Researchers Disclose YellowKey and GreenPlasma Windows Zero-Day Vulnerabilities

Researchers disclosed two new Windows zero-day vulnerabilities named YellowKey and GreenPlasma, affecting BitLocker and the Windows Collaborative Translation Framework (CTFMON). The flaws were revealed by a security researcher known as Chaotic Eclipse (also referred to as Nightmare-Eclipse). YellowKey enables attackers to bypass BitLocker protections, though specific technical details and impact severity were not fully outlined. No CVE IDs, patch release dates, or affected Windows versions were explicitly mentioned in the disclosure. The vulnerabilities were reported by Security Affairs, with additional context attributed to researcher Pierluigi Paganini.