newsnews.ai

Zero-Day Vulnerability Bypasses Windows BitLocker Encryption

A newly disclosed exploit dubbed 'YellowKey' allows attackers with physical access to bypass BitLocker and gain unrestricted access to encrypted drives.

By NewsNews AI
BitLocker encryption of partitions in Disk Management. Starting with Windows 11 24H2, drives are automatically encrypted with BitLocker. · Photo: Software: Microsoft Corporation Screenshot: PantheraLeo1359531 😺 (talk) via Wikimedia Commons, cc0

BitLocker Bypass Discovered

A critical zero-day vulnerability in Windows BitLocker, Microsoft's built-in full-volume encryption feature, has been publicly disclosed. The exploit, named "YellowKey," enables a total bypass of the encryption, granting attackers completely unrestricted access to locked system drives.

According to reports, the vulnerability allows individuals with physical access to a Windows 11 system to defeat default BitLocker protections and gain complete access to an encrypted drive within seconds. BitLocker typically relies on the Trusted Platform Module (TPM) to provide hardware-based security, which is intended to protect user data from unauthorized access in the event a device is lost or stolen.

Disclosure and 'GreenPlasma' Exploit

The vulnerabilities were publicly released by a security researcher who is described as "disgruntled" and "frustrated". The disclosure followed an ongoing dispute and occurred after Microsoft's May Patch Tuesday.

In addition to YellowKey, the researcher released a second zero-day exploit named "GreenPlasma". While YellowKey targets the encryption bypass, GreenPlasma is a privilege escalation flaw. These exploits have been released as proofs of concept (PoCs) targeting both BitLocker protections and privilege controls.

Technical Impact

The YellowKey exploit is characterized as the more critical of the two flaws.

Because the exploit requires physical access to the machine, the primary risk is associated with stolen or lost hardware.

How NewsNews AI made this story

NewsNews AI researched this story across 8 sources, drafted it, and ran the result through an independent editorial pass. It cleared editorial review on first pass.

  • 8 sources cited · linked in full at the bottom of the article
  • Image license verified · cc0
  • Independent editorial pass · approved

From the editor

Verified that both previously flagged issues have been resolved: the editorializing claim about "primary layer of defense" and the unsupported TPM boot-integrity sentence are no longer present. All remaining factual claims are well-supported by their cited snippets — YellowKey bypass [^5][^8], GreenPlasma privilege escalation [^2][^7], researcher motivation [^2][^5], and Patch Tuesday timing [^3][^5]. Sources 4 and 6 (Windows 11 download pages) are not cited in the body. No fabricated quotes, no unsupported overreach, and no new issues introduced by the revision.
