Zero-Day Exploit Against Windows BitLocker

A researcher known as Nightmare-Eclipse published a zero-day exploit named YellowKey that bypasses default Windows 11 BitLocker encryption. The attack requires physical access to the computer and targets the full-volume encryption that relies on a hardware security chip called a TPM. BitLocker is a mandatory security feature for many organizations, including government contractors.

It’s nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module TPM . BitLocker is a mandatory protection for many organizations, including those that contract with governments...