VMTech
VMTECH · INSTAGRAM

Microsoft: Mitigation for BitLocker Bypass 'YellowKey' (CVE-2026-45585)

Colleagues, a cybersecurity alert: Microsoft has released a mitigation for the YellowKey vulnerability (CVE-2026-45585), which enables a BitLocker bypass.

Summary:
- Chaotic Eclipse: FsTx on USB/EFI + boot to WinRE — holding Ctrl launches a shell with access to the encrypted volume.
- Affects Windows 11 (24H2–26H1) and Windows Server 2025.
- Microsoft advises mounting WinRE, removing autofstx.exe from BootExecute, recreating the image and restoring BitLocker trust; moving from TPM-only to TPM+PIN is recommended.
- For unprotected devices — enforce pre-boot additional authentication via Intune/GPO.

Why it matters: physical access can expose encrypted data when only TPM is used.
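
To find devices still in the TPM-only state described above, the following added PowerShell example (not from Microsoft's advisory or the original post) reads the key protectors on the OS volume and the Group Policy registry values behind "Require additional authentication at startup". The function name `Get-TpmOnlyStatus` is hypothetical, and the check assumes the policy is delivered to the standard `HKLM:\SOFTWARE\Policies\Microsoft\FVE` key.

```powershell
# Added example: read-only audit of BitLocker startup authentication.
# Run from an elevated PowerShell session on the device being checked.

function Get-TpmOnlyStatus {   # hypothetical helper name
    [CmdletBinding()]
    param(
        # Volume to inspect; defaults to the OS drive.
        [string]$MountPoint = $env:SystemDrive
    )

    $vol   = Get-BitLockerVolume -MountPoint $MountPoint
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    # A plain 'Tpm' protector means the volume unlocks at boot with no user input.
    # 'TpmPin', 'TpmStartupKey' and 'TpmPinStartupKey' require pre-boot authentication.
    $tpmOnly = $types -contains 'Tpm'

    # "Require additional authentication at startup" policy values:
    #   UseAdvancedStartup = 1 -> policy enabled
    #   UseTPM / UseTPMPIN : 0 = do not allow, 1 = require, 2 = allow
    $fve = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' `
                            -ErrorAction SilentlyContinue
    $policyBlocksTpmOnly = ($null -ne $fve) -and
                           ($fve.UseAdvancedStartup -eq 1) -and
                           ($fve.UseTPM -eq 0)

    [pscustomobject]@{
        MountPoint          = $vol.MountPoint
        ProtectionStatus    = $vol.ProtectionStatus
        KeyProtectors       = $types -join ', '
        TpmOnlyUnlock       = $tpmOnly
        PolicyBlocksTpmOnly = $policyBlocksTpmOnly
        NeedsAction         = $tpmOnly -or -not $policyBlocksTpmOnly
    }
}

Get-TpmOnlyStatus | Format-List

# Remediation on a flagged device, once policy allows or requires TPM+PIN:
#   $pin = Read-Host -AsSecureString -Prompt 'New BitLocker PIN'
#   Add-BitLockerKeyProtector -MountPoint $env:SystemDrive -TpmAndPinProtector -Pin $pin
# Re-run the audit afterwards and confirm TpmOnlyUnlock is False.
```

`NeedsAction` is True when the volume can still unlock with the TPM alone or when policy does not forbid that configuration, so a device can be flagged even after a PIN has been added locally.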

What measures will you implement?

#cybersecurity #BitLocker #Windows #vulnerabilities
