{"slug": "zero-day-exploit-against-windows-bitlocker", "title": "Zero-Day Exploit Against Windows BitLocker", "summary": "A researcher known as Nightmare-Eclipse published a zero-day exploit named YellowKey that bypasses default Windows 11 BitLocker encryption. The attack requires physical access to the computer and targets the full-volume encryption that relies on a hardware security chip called a TPM. BitLocker is a mandatory security feature for many organizations, including government contractors.", "body_md": "It’s nasty, but it requires physical access to the computer:\nThe exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments...", "url": "https://wpnews.pro/news/zero-day-exploit-against-windows-bitlocker", "canonical_source": "https://www.schneier.com/blog/archives/2026/05/zero-day-exploit-against-windows-bitlocker.html", "published_at": "2026-05-18 11:08:13+00:00", "updated_at": "2026-05-22 14:36:08.465336+00:00", "lang": "en", "topics": ["cybersecurity", "products", "hardware", "research"], "entities": ["Windows BitLocker", "YellowKey", "Nightmare-Eclipse", "Microsoft", "TPM"], "alternates": {"html": "https://wpnews.pro/news/zero-day-exploit-against-windows-bitlocker", "markdown": "https://wpnews.pro/news/zero-day-exploit-against-windows-bitlocker.md", "text": "https://wpnews.pro/news/zero-day-exploit-against-windows-bitlocker.txt", "jsonld": "https://wpnews.pro/news/zero-day-exploit-against-windows-bitlocker.jsonld"}}