By Matt Gonzales
Publication Date: 2026-06-12 19:35:00
A new Windows zero-day has turned BitLocker, one of Microsoft’s most trusted data-protection features, into the center of another disclosure fight.
The Register’s Jessica Lyons broke the news that security researcher Nightmare Eclipse released exploit code for a claimed BitLocker bypass called GreatXML, which the researcher says can spawn a command prompt with broad access to a protected BitLocker volume. The release followed another zero-day, RoguePlanet, which SecurityWeek reported could exploit a Microsoft Defender race condition to gain SYSTEM-level privileges.
The bigger concern for Windows admins is not just one bug. It is the pace of public exploit drops, the uncertainty around Microsoft’s response, and the widening gap between responsible disclosure norms and what is now unfolding in public.
What GreatXML claims to do
According to The Register, Nightmare Eclipse claimed GreatXML can bypass BitLocker on systems that have previously run a Microsoft Defender Offline…
