Security researcher named Chaotic Eclipse shared two new Windows 11 vulnerabilities with the public due to his dissatisfaction with Microsoft’s error reporting processes. These vulnerabilities, called YellowKey and GreenPlasma, were published along with proof-of-concept files that seriously threatened the security of the system.

The vulnerability, called YellowKey, targets the Windows Recovery Environment (WinRE) and disables the BitLocker encryption system. This method allows people with physical access to access encrypted files without a user password.

YellowKey and GreenPlasma details

The researcher notes that YellowKey exploits recovery mode components that can access decrypted drives during boot and repair processes. Independent security researcher Kevin Beaumont confirmed that the vulnerability in question works and recommended precautions such as the use of BitLocker PIN code and BIOS password.

However, Chaotic Eclipse argues that such measures do not completely eliminate the threat. On the other hand, the second vulnerability, called GreenPlasma, targets the Windows CTFMON input and text services component.

This vulnerability, which allows a user with low privileges or malware to gain access at the SYSTEM level, gives attackers full control over the system. Chaotic Eclipse has announced a total of five different Windows 11 vulnerabilities since April, including RedSun, UnDefend, and BlueHammer.

Microsoft had previously patched the BlueHammer vulnerability with the code CVE-2026-33825. In its statement regarding these newly discovered vulnerabilities, the company stated that they are committed to investigating reported security issues and support a coordinated vulnerability disclosure process.

A Microsoft spokesperson noted that such processes are intended to ensure that issues are carefully reviewed before they are made public, and to support both customer protection and the security community.

The company emphasizes that it will continue to follow its standard procedures on the issue. What do you think about these new security risks appearing in Windows 11?