May 11, 2026: The Red Sun still prevails.
-
@buherator @christopherkunz @jhr77
Right. There is no official statement that the vulnerability was actually fixed. I personally believe that it was fixed, as I can no longer reproduce the exploit with updated definitions.
I suspect that others in this thread do not agree with me.
Would be nice to have a definitive answer.
@buherator @christopherkunz @jhr77
Related: In Microsoft's world, CVEs are identifiers for software updates released on Patch Tuesday (or OOB through the same channel), not vulnerabilities. They used to have proprietary identifiers for their software updates, like MS08-067, but when they switched to using CVEs, they didn't switch what the identifiers are for. As such, I could imagine why they didn't think a CVE was necessary for the vulnerability that allowed the RedSun exploit to work.
-
@wdormann @jhr77 @GossiTheDog Meanwhile, slightly elsewhere: https://github.com/Nightmare-Eclipse/GreenPlasma
Looking forward to seeing the writeup to this.
https://github.com/Nightmare-Eclipse/YellowKey
-
@christopherkunz @wdormann @GossiTheDog What the h... is that YellowKey? I am a little bit afraid to try it. It sounds like it should be better prepared not on a Windows system and tested on a completely separate PC.
@jhr77 @christopherkunz @GossiTheDog
I've not been able to reproduce YellowKey in a VMware Workstation VM. So either VMware is interfering with the "hold CRTL and do NOT lift your finger off it" apparently required part of the exploit, or it simply doesn't work. Even if it did work, I suspect that it'd perhaps only work on systems that don't bother with PIN-on-boot protection. Which is sort of known to be not terribly secure.