Understanding and Mitigating the YellowKey and GreenPlasma BitLocker Vulnerabilities

Overview

Recent discoveries of two unpatched Microsoft Windows vulnerabilities—codenamed YellowKey and GreenPlasma—have exposed serious weaknesses in BitLocker Drive Encryption and system privilege boundaries. YellowKey allows an attacker to bypass BitLocker security on TPM-only protected drives, while GreenPlasma elevates privileges from a limited account to SYSTEM level. Together, they enable full disk access without authentication. This guide explains the technical details, provides step-by-step demonstration instructions (using publicly released proof-of-concept code), lists common pitfalls, and offers effective mitigation strategies.

Understanding and Mitigating the YellowKey and GreenPlasma BitLocker Vulnerabilities
Source: www.bleepingcomputer.com

Prerequisites

Required Hardware and Software

  • A target computer running Windows 10 version 21H2 or Windows 11 version 22H2 (tested by researchers).
  • A BitLocker-encrypted system drive using TPM-only protector (no PIN, USB key, or password).
  • Physical access to the target (for YellowKey) or a local user account (for GreenPlasma).
  • A USB flash drive (at least 8 GB) for booting a Linux live environment.
  • The PoC scripts downloaded from the researcher's repository (e.g., yellowkey_poc.efi and greenplasma.exe).

Knowledge Assumptions

Familiarity with command-line tools, UEFI booting, and basic security concepts is assumed. Administrative privileges are required for mitigation steps.

Step-by-Step Guide

1. Demonstration of YellowKey (BitLocker Bypass)

YellowKey exploits a flaw in the TPM communication protocol: it intercepts the TPM's response to the bootloader, retrieves the Volume Master Key (VMK), and decrypts the drive. The attack requires physical access and booting from a custom EFI payload.

  1. Prepare the boot USB: Create a bootable Linux USB (e.g., Ubuntu 22.04) and copy the yellowkey_poc.efi file to the /EFI/BOOT/ folder. Rename it to bootx64.efi.
  2. Boot from USB: Insert the USB into the target, restart, and enter the boot menu (often F12, F2, or Del). Select the USB drive.
  3. Run the exploit: The custom EFI will automatically execute. It presents a minimal Linux shell. Type:
    ./yellowkey_poc.efi -d /dev/sda -o keyfile.bin
    where /dev/sda is the encrypted system disk.
  4. Decrypt the drive: The tool outputs a keyfile.bin containing the VMK. Use dislocker to mount:
    sudo dislocker -r /dev/sda -k keyfile.bin /mnt/decrypt
    Then list files:
    ls -la /mnt/decrypt/
    All user data is now readable.

2. Demonstration of GreenPlasma (Privilege Escalation)

GreenPlasma leverages a race condition in the Windows kernel service that handles secure boot policies. It escalates from a non-administrator user to SYSTEM, even on a fully patched system (except for this vulnerability).

  1. Log in as a standard user on the target (e.g., via RDP or local login).
  2. Transfer the greenplasma.exe file (e.g., via network share or USB) to the user's desktop.
  3. Execute the binary: Open a command prompt as the limited user and run:
    greenplasma.exe
    The tool attempts to win the race. If successful, it spawns a new command prompt with SYSTEM privileges.
  4. Verify elevation: In the spawned window, type:
    whoami
    Output should show nt authority\system.
  5. Access BitLocker keys: As SYSTEM, run:
    manage-bde -protectors -get C:
    This reveals the VMK, even without physical access (if the drive is already unlocked). Combined with YellowKey, an attacker gains full data access.

3. Mitigation Steps

No official patch exists yet. Apply these workarounds immediately:

  • Switch to enhanced protector: Use a PIN + TPM or USB key + TPM configuration. Run:
    manage-bde -protectors -add C: -tpmandpin
    and set a PIN during next boot. This prevents the TPM-only bypass.
  • Disable TPM on critical systems: In UEFI settings, set TPM to disabled. BitLocker will fall back to requiring a recovery key at boot. (Note: This may break other TPM-dependent features.)
  • Install OS updates: While unpatched, monitor Microsoft's Security Response Center (MSRC) for an upcoming fix. Apply all other available updates to hinder exploitation.
  • Restrict physical access: Use physically secure enclosures for servers and lock down workstations in accessible areas.
  • Enable Secure Boot and TPM measurements: Ensure Secure Boot is enabled and auditing is turned on to detect bootloader tampering.

Common Mistakes

Overconfidence in TPM-Only Protection

Many assume TPM alone is sufficient against physical attacks. YellowKey proves otherwise; always require additional factors.

Neglecting to Test on a Non-Production System

Executing PoC exploits on live production machines can corrupt the bootloader or cause blue screens. Always use a dedicated test VM or sacrificial hardware.

Ignoring the Privilege Escalation Component

GreenPlasma functions even without physical access—a low-privilege remote user can chain it with YellowKey (after gaining initial access via other means). Ensure all user accounts have minimal privileges.

Forgetting to Revoke Old Protectors

After adding a PIN protector, the old TPM-only protector remains valid. Remove it:

    manage-bde -protectors -delete C: -id {old-protector-id}

Otherwise, the VMK is still accessible via the old method.
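The two manage-bde steps above (adding a TPM+PIN protector in the mitigation list, then revoking the leftover TPM-only protector) can be done in one pass for every operating-system volume. The following PowerShell script is an added example written for this guide, not code from the article or from the researchers; it uses the built-in BitLocker module, assumes an elevated session, and the PIN it prompts for is whatever you supply.

```powershell
# Added example (not from the article): audit BitLocker OS volumes for a
# TPM-only key protector, add a TPM+PIN protector, make sure a recovery
# password exists, and only then remove the TPM-only protector so it can no
# longer unlock the volume. Run from an elevated PowerShell session.

$Pin = Read-Host -Prompt 'New BitLocker startup PIN' -AsSecureString

$osVolumes = Get-BitLockerVolume | Where-Object { $_.VolumeType -eq 'OperatingSystem' }

foreach ($vol in $osVolumes) {
    $mount   = $vol.MountPoint
    $tpmOnly = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'Tpm' }
    $tpmPin  = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'TpmPin' }
    $recov   = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }

    if (-not $tpmOnly) {
        Write-Output "$mount : no TPM-only protector present, nothing to do"
        continue
    }

    if (-not $tpmPin) {
        Write-Output "$mount : adding TPM+PIN protector"
        Add-BitLockerKeyProtector -MountPoint $mount -TpmAndPinProtector -Pin $Pin | Out-Null
    }

    # Never delete a protector while the only remaining unlock path is the
    # new PIN; keep a recovery password so a forgotten PIN is not data loss.
    if (-not $recov) {
        Write-Output "$mount : adding recovery password protector (back it up before rebooting)"
        Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector | Out-Null
    }

    foreach ($p in $tpmOnly) {
        Write-Output "$mount : removing TPM-only protector $($p.KeyProtectorId)"
        Remove-BitLockerKeyProtector -MountPoint $mount -KeyProtectorId $p.KeyProtectorId | Out-Null
    }
}

# Verification: each OS volume should now list TpmPin and RecoveryPassword,
# and no bare Tpm protector.
Get-BitLockerVolume | Where-Object { $_.VolumeType -eq 'OperatingSystem' } |
    Select-Object MountPoint,
        @{ Name = 'Protectors'; Expression = { ($_.KeyProtector.KeyProtectorType) -join ', ' } }
```

If Group Policy "Require additional authentication at startup" disallows a startup PIN, the Add-BitLockerKeyProtector call will fail and the script leaves the TPM-only protector in place, so check the output before assuming the volume is hardened. Escrow the recovery password (for example with Backup-BitLockerKeyProtector to Active Directory) before the next reboot.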

Summary

The YellowKey and GreenPlasma vulnerabilities demonstrate that BitLocker with a TPM-only protector is not resistant to determined physical attackers, and privilege escalation can be achieved even on fully updated systems. By understanding the attack flow and applying the mitigations outlined—especially using additional authentication factors and limiting physical exposure—organizations can significantly reduce risk until Microsoft releases a permanent fix.
