SECURITY researcher Nightmare Eclipse has released a new exploit called GreatXML that bypasses Windows BitLocker protection, allowing access to the command prompt with SYSTEM privileges in Recovery Mode. This exploit targets a vulnerability found in Microsoft Defender's offline scan functionality, which renders any system vulnerable once the scan is initiated.
The proof-of-concept code includes an XML file that needs to be placed in the recovery partition, facilitating the exploit when the system is rebooted in Recovery Mode. This release follows the disclosure of another zero-day vulnerability named RoguePlanet, highlighting ongoing security issues in Microsoft products.