Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
Summary
Microsoft has released patches for three zero-day vulnerabilities affecting Windows systems. Two of these vulnerabilities allow attackers to gain SYSTEM privileges, while the third provides access to BitLocker-encrypted drives.
IFF Assessment
The discovery and exploitation of zero-day vulnerabilities represent a significant threat to defenders, as they are unknown and unpatched at the time of discovery.
Severity
The CVSS score of 9.8 reflects the critical nature of these vulnerabilities, allowing for SYSTEM privilege escalation and access to encrypted drives with minimal user interaction required, representing a high attack vector and impact.
Defender Context
Defenders should prioritize patching these vulnerabilities immediately to mitigate the risk of SYSTEM privilege escalation and unauthorized access to sensitive data. Continuous monitoring for any signs of exploitation, even after patching, is crucial as threat actors may have already compromised systems.