A newly discovered zero-day vulnerability, dubbed GreatXML, has been released by Nightmare Eclipse, a researcher known for targeting Microsoft, which claims to bypass BitLocker encryption on Windows systems that have previously run a Microsoft Defender Offline scan1. This exploit, allegedly discovered by accident in just four hours, can reportedly spawn a command prompt with total access to the BitLocker volume. The vulnerability is particularly concerning as it can be used to gain unauthorized access to sensitive data on affected systems. GreatXML has been published on GitHub and other code-hosting platforms, making it widely available. The fact that this exploit can bypass BitLocker on any system that has ever run a Microsoft Defender Offline scan highlights the potential scope of the vulnerability. This matters to security practitioners because the window for patching zero-day vulnerabilities is typically short, making it essential to assess exposure immediately.
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
⚠️ Critical Alert
Why This Matters
Zero-day activity targeting Microsoft means patching windows are already closing — assess your exposure immediately.
References
- The Register. (2026, June 11). Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day. The Register. https://www.theregister.com/security/2026/06/11/nightmare-eclipse-drops-claimed-bitlocker-bypass-for-microsoft-windows/5254371
Original Source
The Register
Read original →