New Windows security vulnerabilities 'YellowKey' and 'MiniPlasma' discovered

Source:Heise Online

02 — Who / Subject

NightmareEclipse (Security Researcher)

03 — Where / Locus

Global

04 — When / Temporality

May 18, 2026

Verified: May 18, 2026

05 — Why / Core Summary

"Security researcher 'NightmareEclipse' identified 'YellowKey' in BitLocker and 'MiniPlasma' in Windows drivers. YellowKey allows local attackers with a USB stick to bypass BitLocker protection. Microsoft silently patched the 'RedSun' vulnerability in the recent Patchday."

Conflict Analysis

High-severity vulnerabilities affecting Windows encryption and driver security. The silent patching of previous vulnerabilities raises concerns about Microsoft's transparency.

Recommended Background Resource

Affiliate / AdAI Curation

The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory

Author: Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters

This book provides a deep dive into Windows internals and memory forensics, which is essential for understanding how vulnerabilities like 'MiniPlasma' in drivers and BitLocker bypasses function at a low level.

Explore Background Book (Amazon)

As an Amazon Associate, COMPAMIR earns from qualifying purchases.

Post