GreatXML Exploit Bypasses BitLocker via Windows Defender Offline Scan

A newly disclosed zero-day vulnerability, dubbed GreatXML, allows an attacker with physical access to bypass BitLocker encryption on Windows systems by abusing the Microsoft Defender Offline Scan feature. Under the conditions described below, the attack requires no user login at all.

Discovered during a brief research session, the proof-of-concept (PoC) for GreatXML has been published across multiple repositories. The vulnerability abuses the Windows Recovery Environment (WinRE) session that Microsoft Defender’s Offline Scan initiates: when the scan is triggered, the system reboots into the pre-boot recovery environment to perform the scan, and that environment must have the BitLocker-protected volume unlocked in order to scan it.

The exploit consists of placing a specially crafted ‘unattend.xml’ file and a ‘Recovery’ directory in the root of the recovery partition. The recovery partition is not itself BitLocker-encrypted, which is why physical access alone is enough to plant the files. When the machine next boots into WinRE, this setup spawns a shell with unrestricted access to the BitLocker-protected volume. Screenshots accompanying the PoC show an administrator shell running inside the Defender Offline Scan session with the drive fully readable, even though the volume is encrypted with XTS-AES 128 and reports Protection Status: On.

There are two primary exploitation paths for GreatXML:

  • Automatic exploitation (no login needed): if the target machine has previously run a Defender Offline Scan, an attacker with physical access copies ‘unattend.xml’ and the ‘Recovery’ directory to the root of the recovery partition and reboots into WinRE (for example via Shift + Restart, which also works from the sign-in screen).
  • Attacker-initiated scan required: if no offline scan has ever run on the machine, the attacker must log in to trigger one, or find another way to boot the machine into WinRE in the offline-scan state without authenticating.

This attack is reminiscent of the recently patched YellowKey (CVE-2026-45585) BitLocker bypass, which also used WinRE to reach encrypted volumes from physical access. Any BitLocker-enabled system that has ever run, or been made to run, a Windows Defender Offline Scan is potentially vulnerable, above all those using TPM-only key protection with no PIN at boot: with a TPM-only protector the volume key is released automatically whenever the measured boot chain matches, so code that runs inside the trusted WinRE session inherits access to the already unlocked volume, whereas a pre-boot PIN must be entered before that release happens. The PoC was demonstrated on Windows 10.0.26100.1 (Windows 11 24H2).

As of now, no official patch has been issued for GreatXML. The public availability of the exploit code lowers the barrier for threat actors targeting high-value systems in scenarios such as laptop theft, insider threats, or supply chain compromises.

Given the absence of an official patch, organizations should assess their exposure and consider compensating controls: requiring a TPM+PIN (or other pre-boot authentication) key protector on OS volumes so the drive is not unlocked silently at boot, auditing recovery partitions for an unexpected ‘unattend.xml’ at the root, and tightening physical security for devices that hold sensitive data.
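The following PowerShell audit is an added example and is not code from the article or from the GreatXML PoC. It checks the three conditions the article ties together: whether an OS volume relies on a TPM-only key protector, whether WinRE is enabled, and whether an ‘unattend.xml’ has been planted at the root of the recovery partition. It assumes an elevated session with the BitLocker module and reagentc.exe available, and that the recovery partition is reported by Get-Partition with Type ‘Recovery’ and can be given a temporary drive letter; the function names are this example's own.

```powershell
#Requires -RunAsAdministrator
# GreatXML exposure audit (added example; not the article's or the PoC's code).
# Assumptions not stated by the article: BitLocker module and reagentc.exe present,
# recovery partition has Type 'Recovery' and may be temporarily assigned a letter.

function Get-BitLockerBootExposure {
    # TPM-only OS volumes unlock silently when the boot chain measures as expected,
    # which is the configuration the article singles out. A PIN or startup key
    # protector forces pre-boot authentication before the TPM releases the key.
    $preBootTypes = 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey'
    foreach ($vol in Get-BitLockerVolume | Where-Object { $_.VolumeType -eq 'OperatingSystem' }) {
        $types = @($vol.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
        $hasPreBoot = @($types | Where-Object { $_ -in $preBootTypes }).Count -gt 0
        [pscustomobject]@{
            MountPoint       = $vol.MountPoint
            ProtectionStatus = [string]$vol.ProtectionStatus
            EncryptionMethod = [string]$vol.EncryptionMethod
            KeyProtectors    = $types -join ', '
            TpmOnlyAtBoot    = ($types -contains 'Tpm') -and (-not $hasPreBoot)
        }
    }
}

function Get-WinREStatus {
    # reagentc /info prints "Windows RE status: Enabled|Disabled" and the image location.
    $text = (& reagentc.exe /info 2>&1) -join "`n"
    $location = $null
    if ($text -match 'Windows RE location:\s+(\S+)') { $location = $Matches[1] }
    [pscustomobject]@{
        Enabled  = [bool]($text -match 'Windows RE status:\s+Enabled')
        Location = $location
    }
}

function Get-RecoveryPartitionRoot {
    # Lists the recovery partition root and flags the planted file the article describes.
    # A 'Recovery' directory is typically present there anyway (Recovery\WindowsRE\Winre.wim),
    # so its presence alone is not an indicator; an unattend.xml at the root is.
    $part = Get-Partition | Where-Object { $_.Type -eq 'Recovery' } | Select-Object -First 1
    if (-not $part) { throw 'No partition of type Recovery found.' }

    $assigned = $false
    if (-not $part.DriveLetter) {
        Add-PartitionAccessPath -DiskNumber $part.DiskNumber -PartitionNumber $part.PartitionNumber -AssignDriveLetter
        $part = Get-Partition -DiskNumber $part.DiskNumber -PartitionNumber $part.PartitionNumber
        $assigned = $true
    }
    $root = "$($part.DriveLetter):\"
    $unattend = Join-Path $root 'unattend.xml'
    try {
        $entries = Get-ChildItem -LiteralPath $root -Force
        $lastWrite = $null
        if (Test-Path -LiteralPath $unattend) { $lastWrite = (Get-Item -LiteralPath $unattend).LastWriteTime }
        [pscustomobject]@{
            Root              = $root
            RootEntries       = ($entries | ForEach-Object { $_.Name }) -join ', '
            UnattendXmlAtRoot = Test-Path -LiteralPath $unattend
            UnattendLastWrite = $lastWrite
            RecoveryDirAtRoot = Test-Path -LiteralPath (Join-Path $root 'Recovery') -PathType Container
        }
    } finally {
        # Leave the partition as it was found.
        if ($assigned) {
            Remove-PartitionAccessPath -DiskNumber $part.DiskNumber -PartitionNumber $part.PartitionNumber -AccessPath $root
        }
    }
}

$bl = Get-BitLockerBootExposure
$re = Get-WinREStatus
$rp = Get-RecoveryPartitionRoot
$bl | Format-Table -AutoSize
$re | Format-List
$rp | Format-List
if ($rp.UnattendXmlAtRoot) {
    Write-Warning "unattend.xml found at $($rp.Root) (last write $($rp.UnattendLastWrite)); investigate before the next WinRE boot."
}
if ($re.Enabled -and ($bl | Where-Object TpmOnlyAtBoot)) {
    Write-Warning 'WinRE is enabled and an OS volume is TPM-only: a Defender Offline Scan session would expose the unlocked volume.'
}
```

Run it elevated on each suspect device. A hit on UnattendXmlAtRoot is the direct indicator; a TpmOnlyAtBoot volume on a machine with WinRE enabled is the exposed configuration even when nothing has been planted yet, and the remedy the article's own analysis points to is adding a TPM+PIN protector (for example with Add-BitLockerKeyProtector -TpmAndPinProtector) so the volume is no longer released without pre-boot authentication.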

Source: CyberSecurityNews