Microsoft said it is tracking the publicly disclosed YellowKey Windows BitLocker security feature bypass as CVE-2026-45585 and published mitigations pending a security update. The flaw can allow access to BitLocker-protected drives by abusing specially crafted FsTx files and WinRE behavior; Microsoft recommends disabling autofstx.exe auto-start in WinRE and requiring BitLocker TPM+PIN startup authentication.
Sergiu Gatlan
2026.06.10
94% relevant
This article updates the same YellowKey event by reporting that Microsoft has now patched CVE-2026-45585 as part of June 2026 Patch Tuesday, moving the story from mitigations-only to an available fix.
BrianKrebs
2026.06.09
41% relevant
The article references the same YellowKey/BitLocker disclosure thread and notes Microsoft's June patching of a related BitLocker elevation-of-privilege issue, though the main event here is Patch Tuesday rather than the original YellowKey mitigation story.
Lawrence Abrams
2026.06.09
52% relevant
This article reports Microsoft’s June Patch Tuesday fix for a separate publicly disclosed Windows BitLocker bypass flaw, CVE-2026-50507, adding another BitLocker zero-day-related development but not the same underlying vulnerability as YellowKey CVE-2026-45585.
Eduard Kovacs
2026.06.03
41% relevant
YellowKey is one of the Nightmare Eclipse-disclosed flaws discussed here. The article adds context that YellowKey was part of a broader batch of publicly dumped Microsoft zero-days that triggered controversy and partial patching, but the main event is the broader disclosure backlash rather than a standalone YellowKey update.
Bruce Schneier
2026.06.02
57% relevant
The post explicitly references the BitLocker-breaking exploit from the Nightmare Eclipse disclosures, adding context that Microsoft is threatening the researcher tied to the YellowKey zero-day case.
2026.05.28
80% relevant
This article adds Microsoft’s broader response to the Nightmare Eclipse zero-day disclosures, reiterates that YellowKey (CVE-2026-45585) remains unpatched, says Microsoft considers exploitation more likely, and places YellowKey alongside five other publicly dumped Windows flaws in the same disclosure campaign.
Ionut Arghire
2026.05.20
99% relevant
This article is directly about the same YellowKey event and adds specifics on Microsoft's mitigation steps, the CVE assignment (CVE-2026-45585), the WinRE/autofstx.exe behavior being blocked, and debate over whether BitLocker+PIN is also affected.
info@thehackernews.com (The Hacker News)
2026.05.20
99% relevant
The article appears to cover the same underlying event: Microsoft's release of mitigations for the YellowKey BitLocker bypass vulnerability CVE-2026-45585.
Sergiu Gatlan
2026.05.20
100% relevant
This article establishes a distinct tracked event by adding Microsoft's official CVE assignment and mitigation guidance for the YellowKey BitLocker zero-day, which is not represented in the existing story list.
Bruce Schneier
2026.05.18
88% relevant
This is an early report on the same YellowKey BitLocker bypass event, noting public disclosure by Nightmare-Eclipse and that the exploit reliably bypasses default Windows 11 BitLocker with physical access.