New Windows 11 Vulnerability Exposed: BitLocker Bypass Discovered
Security researcher describes freshly uncovered Windows 11 vulnerability as 'one of the most insane discoveries I ever found.'
Image: Pc Gamer
A newly discovered vulnerability in Windows 11, named YellowKey, allows attackers to bypass BitLocker encryption by exploiting the Windows Recovery Environment. Identified by a security researcher known as Nightmare-Eclipse, this flaw has been acknowledged by Microsoft, which has labeled it CVE-2026-45585. While a patch is pending, physical access to the device is required for exploitation.
- 01The vulnerability, dubbed YellowKey, allows reading of BitLocker-encrypted drives by exploiting the Windows Recovery Environment.
- 02Microsoft has designated the vulnerability as CVE-2026-45585 and criticized the public sharing of its proof of concept.
- 03The flaw appears to be unique to Windows 11 and is not present in Windows 10 due to differences in the Windows Recovery Environment.
- 04Exploitation requires physical access to the targeted device, such as a stolen laptop, along with a USB stick.
- 05Nightmare-Eclipse suggests that the vulnerability may act as a backdoor, as the responsible component is unique to the Windows Recovery Environment.
Advertisement
In-Article Ad
A significant vulnerability in Windows 11, referred to as YellowKey, has been uncovered by a security researcher known as Nightmare-Eclipse. This exploit allows attackers to bypass BitLocker encryption and access the contents of encrypted drives by leveraging the Windows Recovery Environment. Microsoft has acknowledged the issue, assigning it the identifier CVE-2026-45585, and has provided mitigation guidance, although a patch is still pending. The vulnerability reportedly requires physical access to the device, which somewhat mitigates the risk. According to cybersecurity firm Eclypsium, the flaw does not exist in Windows 10 due to different behaviors in the Recovery Environment. Nightmare-Eclipse theorizes that the component responsible for this vulnerability may function as a backdoor, as it is not found elsewhere outside the Windows Recovery Environment. While this discovery adds to the list of vulnerabilities in Windows 11 this year, it highlights ongoing security concerns within the operating system.
Advertisement
In-Article Ad
This vulnerability poses a security risk to users of Windows 11, particularly those with physical access to their devices, as it allows unauthorized access to encrypted data.
Advertisement
In-Article Ad
Reader Poll
How concerned are you about security vulnerabilities in operating systems?
Connecting to poll...
More about Microsoft
Read the original article
Visit the source for the complete story.