XDA Developers on MSN

A new Windows 11 BitLocker bypass only needs a USB stick, and the researcher thinks it's a backdoor

Apparently, not even TPM+PIN is safe from YellowKey.
SecurityWeek

Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass

Microsoft has announced mitigations for CVE-2026-45585, a BitLocker bypass triggered via FsTx in Windows Recovery.
Hosted on MSN

Researcher reveals USB-based BitLocker bypass in Windows 11

What is YellowKey?: A zero-day exploit allowing BitLocker bypass on Windows 11 and select servers using a USB stick and WinRE. Why it matters: It grants full access to encrypted drives without keys, ...

Windows BitLocker exploit sparks messy feud between Microsoft and the researcher who exposed it

The issue centers on a zero-day exploit called "YellowKey," published earlier this month by a security researcher known as Chaotic Eclipse, also known online as Nightmare-Eclipse.
Windows Report

Microsoft Rushes to Mitigate Dangerous New “YellowKey” Windows Exploit

Microsoft rushes to mitigate the new “YellowKey” flaw that may bypass BitLocker protections and expose encrypted Windows ...
GIGAZINE

A vulnerability has been discovered that allows access to Microsoft BitLocker-protected drives using only files on a USB drive, without the recovery key.

A zero-day vulnerability called ' YellowKey,' which could potentially bypass Microsoft's BitLocker-encrypted drives, has been disclosed by security researcher Nightmare-Eclipse. Alongside this, ...