Morning Overview on MSN

Microsoft just rushed out a fix for 'YellowKey' — a Windows flaw that lets attackers pop open BitLocker-encrypted drives and read what's inside

Microsoft has confirmed a vulnerability in Windows Recovery Environment that can let an attacker with physical access bypass ...

This worrying Microsoft BitLocker backdoor can grant full access to a locked drive

Chaotic Eclipse is wreaking havoc across the Windows landscape, leaking two more flaws ...

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker ...
SecurityWeek

Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass

Microsoft has announced mitigations for CVE-2026-45585, a BitLocker bypass triggered via FsTx in Windows Recovery.
PCQuest on MSN

Windows BitLocker zero day raises fresh risks for encrypted drives

The recent publication of a BitLocker bypass vulnerability reminds us that encryption strength will only be as secure as the recovery methods associated with it. There are two publicly disclosed ...
Ars Technica

Crucial and Samsung SSD encryption easily bypassed, MBAM/BitLocker on Windows 10

I'm not sure if anyone saw the news, but apparently Crucial's and Samsung's self-encrypting drives have very weak keys or key verification and is easily bypassed to get access to the encrypted data.
Bleeping Computer

Windows BitLocker zero-day gives access to protected drives, PoC released

A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a ...
Bleeping Computer

Microsoft shares script to update Windows 10 WinRE with BitLocker fixes

Microsoft has released a PowerShell script to automate updating the Windows Recovery Environment (WinRE) partition in order to fix CVE-2024-20666, a vulnerability that allowed for BitLocker encryption ...