Zero-Day Exploit Against Windows BitLocker
It’s nasty , but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments. Slashdot thread . And here’s Nightmare-Eclipse’s GitHub account.
Sign in to read the full article
Create a free account to access all news, downloads, and community features
Originally published by Schneier on Security
Source: https://www.schneier.com/blog/archives/2026/05/zero-day-exploit-against-windows-bitlocker.html
This article is shared for informational purposes. All rights belong to the original author and publisher. If you are the copyright holder and would like this content removed, please contact us.