Also, it's a twofer with the GreenPlasma zero-day local privilege escalation.

YellowKey reportedly works in Windows 11, Windows Server 2022 and 2025, but not in Windows 10.

  • AnyOldName3@lemmy.worldEnglish
    39·
    6 hours ago

    By exploit standards, that’s not especially hard. I don’t think there’s really anything blocking accessing it at all if an NTFS volume is mounted on a typical desktop Linux distro, as it’s just NTFS permissions blocking it, and they’re not typically obeyed by Linux in the first place.

    In the face of your edit, I see that you’ve misunderstood the exploit. You need write access to the System Volume Information directory of your own USB stick, not anything on the target machine. It’s much easier to get access to things on a computer than it is to get access on one particular computer, and this exploit lets you jump from one to the other.

    • 9tr6gyp3@lemmy.worldEnglish
      102·
      6 hours ago

      Its bitlocker encrypted. You need to unlock the disk to see System Volume Information in Linux.

      • humanspiral@lemmy.caEnglish
        1·
        20 minutes ago

        does bitlocker encrypt whole volume, or userdata folders? It’s a performance issue to encrypt anything that doesn’t need to be.

      • AnyOldName3@lemmy.worldEnglish
        17·
        6 hours ago

        I’ll copy the bit here that I just edited into my reply after you edited the first post:

        In the face of your edit, I see that you’ve misunderstood the exploit. You need write access to the System Volume Information directory of your own USB stick, not anything on the target machine. It’s much easier to get access to things on a computer than it is to get access on one particular computer, and this exploit lets you jump from one to the other.