defense · BleepingComputer
Microsoft patched three zero-day vulnerabilities in its June 2026 Patch Tuesday update. GreenPlasma (CVE-2026-45586) and MiniPlasma (CVE-2020-17103) are privilege escalation flaws in the Collaborative Translation Framework and Cloud Files Mini Filter Driver that allow local attackers to obtain SYSTEM-level access on fully patched Windows systems. YellowKey (CVE-2026-45585) is a backdoor in the Windows Recovery Environment that allows attackers with physical access to bypass BitLocker protection on unpatched Windows 11 and Windows Server 2022/2025 systems. All three were disclosed by a security researcher using the handle "Nightmare Eclipse" in protest of Microsoft's disclosure process.
Defense contractors handling CUI and operating Windows infrastructure should prioritize applying this month's patches immediately, particularly for systems running Windows Server 2022 or 2025. The privilege escalation vectors (GreenPlasma and MiniPlasma) pose direct risks to CMMC compliance by enabling unauthorized access to controlled technical information, while YellowKey's BitLocker bypass undermines encryption controls critical to NIST 800-171 and CMMC requirements. Healthcare and fintech organizations subject to HIPAA and PCI DSS should similarly expedite patching to maintain their encryption and access control baselines. An Omniware engagement can help assess patch deployment timelines, inventory affected systems, and verify mitigation effectiveness.
Source: BleepingComputer - https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-yellowkey-greenplasma-miniplasma-zero-days/
Source: BleepingComputer
All briefings