Zero-Day Exploit Against Windows BitLocker

Published: 3 weeks ago (May 18, 2026 at 07:08 AM EDT)

1 min read

Source: Schneier on Security

Exploit Overview

The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare‑Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full‑volume encryption protection Microsoft provides to make disk contents off‑limits to anyone without the decryption key. The key is stored in a secured piece of hardware known as a Trusted Platform Module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments.

References

Slashdot thread
Nightmare‑Eclipse’s GitHub account

Back to Blog

Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor

!Falling laptop crackinghttps://cdn.mos.cms.futurecdn.net/NoMA8eAVErtvRS5rFYuiQm.jpg Image credit: Getty Images Background Last month, security researcher Chaot...

Zero-Day Exploit Against Windows BitLocker

Exploit Overview

References

Related posts

Microsoft fixes BitLocker recovery issue only for Windows 11 users

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

Windows BitLocker zero-day gives access to protected drives, PoC released

Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor