MLXIO
white usb cable on gray laptop computer
CybersecurityMay 23, 2026· 7 min read· By MLXIO Insights Team

YellowKey Bypasses BitLocker, Microsoft Has No Patch

Share

MLXIO Intelligence

Analysis Snapshot

58
Moderate
Confidence: LowTrend: 10Freshness: 88Source Trust: 100Factual Grounding: 92Signal Cluster: 20

Moderate MLXIO Impact based on trend velocity, freshness, source trust, and factual grounding.

Thesis

High Confidence

YellowKey is a public physical-access BitLocker bypass in WinRE that Microsoft has mitigated with guidance but has not yet fully patched.

Evidence

  • Microsoft released mitigation steps for YellowKey, tracked as CVE-2026-45585.
  • The issue can grant physical attackers access to encrypted Windows drives.
  • The exploit is public and Microsoft rates exploitation as "More Likely".
  • The article says YellowKey abuses WinRE startup behavior involving Transactional NTFS and winpeshl.ini to expose an unrestricted shell.

Uncertainty

  • Microsoft has not shipped a full security update yet.
  • The supplied source does not provide a definitive affected-platform matrix.
  • Local exposure depends on factors such as WinRE status, BitLocker use, and TPM-only startup reliance.

What To Watch

  • Microsoft advisory updates with exact affected OS and version scope.
  • Release of a full security update or revised mitigation guidance.
  • Enterprise validation of WinRE, BitLocker, and TPM-only configurations on exposed devices.

Verified Claims

YellowKey is tracked as CVE-2026-45585 and is described as a BitLocker bypass involving Windows Recovery Environment.
📎 Microsoft has published mitigation guidance for YellowKey, now tracked as CVE-2026-45585; the article describes it as a BitLocker bypass using WinRE.High
Microsoft has mitigation guidance for YellowKey, but the article says there is no full security update yet.
📎 The article states that Microsoft has published mitigation guidance, but there is still no full security update.High
YellowKey requires physical access and is not described as a remote internet exploit.
📎 The article states that YellowKey is not a remote internet exploit and that the attacker needs physical access.High
The article says YellowKey abuses WinRE startup behavior by using Transactional NTFS to delete winpeshl.ini, causing WinRE to spawn an unrestricted shell.
📎 The article explains that the exploit uses TxF to delete winpeshl.ini inside the recovery environment, after which WinRE spawns an unrestricted shell.High
Microsoft rates exploitation of YellowKey as "More Likely," and the vulnerability has a CVSS score of 6.8 according to the article.
📎 The article says Microsoft rates exploitation as "More Likely" and lists a CVSS score of 6.8.High

Frequently Asked

What is YellowKey CVE-2026-45585?

YellowKey is a BitLocker bypass involving Windows Recovery Environment and is tracked as CVE-2026-45585.

Does YellowKey require physical access?

Yes. The article says YellowKey requires physical access and is not a remote internet exploit.

Has Microsoft patched YellowKey?

The article says Microsoft has released mitigation guidance, but no full security update has shipped yet.

How does YellowKey bypass BitLocker according to the article?

At a high level, YellowKey uses Transactional NTFS to delete winpeshl.ini in WinRE, causing the recovery environment to open an unrestricted shell.

Should organizations stop using BitLocker because of YellowKey?

No. The article says this is not a reason to abandon BitLocker, but a reason to avoid treating disk encryption as a single protective switch.

Updated on May 24, 2026

What does BitLocker still protect if a public YellowKey proof of concept can push Windows Recovery Environment into exposing an encrypted drive before Microsoft has shipped a patch?

Microsoft has published mitigation guidance for YellowKey, now tracked as CVE-2026-45585, but there is still no full security update, according to Notebookcheck. That gap matters because the exploit is already public, and Microsoft rates exploitation as "More Likely".

YellowKey is a physical-access BitLocker bypass. The attacker does not need credentials, malware, a network connection, or software installation.

This is not a reason to abandon BitLocker. It is a reason to stop treating disk encryption as a single switch. In this case, the weak point is the recovery path: WinRE, Transactional NTFS, and how the device decides what to trust before normal Windows loads.


Why does YellowKey matter if the attacker needs physical access?

Because physical access is exactly what lost laptops, stolen corporate devices, unattended workstations, and high-value endpoints create.

YellowKey is not a remote internet exploit. It does not let someone compromise every BitLocker-protected laptop from across the network. Its threat model is narrower. But for the wrong device, it is still ugly: a Windows machine protected by BitLocker may expose the drive’s contents if the recovery environment can be manipulated and Microsoft’s interim mitigation has not been applied.

The vulnerability carries a CVSS score of 6.8. That score reflects the physical-access requirement, but it does not make the issue trivial. Microsoft’s concern is amplified by the public proof of concept and the lack of a completed patch.

Microsoft’s advisory scope should be treated as the canonical source for affected platforms. The supplied source material supports the broad point that YellowKey concerns affected Windows systems using the relevant WinRE and BitLocker recovery path, but it does not provide enough detail here to reproduce a definitive enterprise platform matrix.

That distinction is important. Administrators should avoid relying on a simplified affected/not-affected table from secondary summaries. Check Microsoft’s current advisory for exact OS and version applicability, then validate local exposure by confirming whether WinRE is enabled, BitLocker is in use, and the device relies on TPM-only startup. Public technical discussion may raise questions about adjacent deployments, but those should be treated as items to verify against Microsoft’s guidance rather than as settled scope.

YellowKey abuses the way WinRE handles recovery startup.

At a high level, the exploit uses Transactional NTFS, or TxF, to delete winpeshl.ini inside the recovery environment. That file is part of the normal WinRE startup flow. When it disappears, WinRE does not load the standard recovery interface. It spawns an unrestricted shell instead.

From there, the source material says an attacker with physical access can gain full, unencrypted visibility into the drive’s contents.

This is not password theft. It is not a typical malware infection. The attacker is not logging into Windows as the user. The bypass targets the pre-boot trust chain around the recovery environment — the part of the system that exists to repair broken Windows installations, but also has privileged access to the protected device.

That is why the issue cuts deeper than a bad setting. BitLocker’s promise depends on several pieces behaving correctly together: the encrypted volume, TPM-backed release of secrets, recovery tooling, and boot-time assumptions. YellowKey shows that if the recovery path misbehaves, encryption can be undermined before the normal OS ever gets a vote.

For readers following Microsoft security flaws more broadly, this is separate from our earlier coverage of Microsoft Defender zero-days handing hackers SYSTEM keys. The common thread is not the same bug class. It is the operational pain of responding when trusted Windows components become the attack surface.

What would this look like in a stolen-laptop scenario?

Consider a finance employee using a Windows laptop with BitLocker enabled in a TPM-only configuration. The laptop is stolen from a car. The company’s initial assumption is simple: the drive is encrypted, so the files should remain unreadable.

YellowKey complicates that assumption.

If the device is affected, unmitigated, and the attacker has the public exploit code plus enough technical skill, the recovery environment becomes the target. The attacker does not need the employee’s password. The attacker does not need to install malware. The attack is about steering the device into a recovery state where BitLocker protections can be bypassed.

That does not mean every stolen laptop is automatically exposed. The supplied source material does not support broad claims about every firmware setup, every hardware model, or every enterprise configuration. The concrete variables Microsoft does call out are affected Windows versions, WinRE behavior, and BitLocker mode.

The strongest practical distinction in the source is TPM-only versus TPM+PIN. Microsoft recommends moving high-risk devices from TPM-only BitLocker to TPM+PIN mode because it makes physical exploitation much harder.

There is one caveat from the wider technical discussion: the researcher behind YellowKey has claimed to have a separate method affecting TPM+PIN, but the supplied source material does not include a published proof of concept for that claim. Treat Microsoft’s TPM+PIN recommendation as the supported mitigation for YellowKey, not as a permanent guarantee against every future recovery-path attack.

Which Microsoft mitigation actually reduces YellowKey exposure?

Microsoft’s interim fix targets autofstx.exe, the FsTx Auto Recovery Utility, inside the WinRE image.

The mitigation requires administrators to mount the WinRE image on each affected device, load the system registry hive, and remove the autofstx.exe entry from the Session Manager BootExecute value. In plain English: Microsoft is telling admins to stop the recovery environment from automatically running the component YellowKey abuses.

This is the core change:

  • Target: WinRE image on each affected device
  • Component: autofstx.exe
  • Registry location: Session Manager’s BootExecute value
  • Purpose: prevent the TxF recovery behavior that leads to deletion of winpeshl.ini
  • Status: workaround, not a full patch

The device-by-device part matters. This is not described as a normal Windows Update that lands and closes the issue everywhere. Admins have to apply the mitigation to affected machines, then confirm it is actually present.

Microsoft also recommends TPM+PIN for high-risk systems. That creates a pre-boot authentication requirement instead of allowing TPM-only startup. For devices used by privileged administrators, executives, finance teams, developers with sensitive source access, or staff handling regulated data, that trade-off may be easier to justify.

MLXIO readers tracking Microsoft’s hardware direction may remember our coverage of Microsoft’s Snapdragon X2 bet for Surface PCs. YellowKey is not a Surface-specific story. But it is a reminder that Windows endpoint security is shaped as much by recovery and boot behavior as by the silicon roadmap.

Why does “no patch yet” make enterprise planning harder?

A mitigation narrows the attack path. A patch is supposed to remove the vulnerability.

That distinction drives the enterprise workload. Security teams now have to identify affected Windows versions, determine which devices rely on TPM-only BitLocker, apply Microsoft’s WinRE change, and decide where TPM+PIN belongs. They also have to track machines outside the most obvious laptop pool, including server deployments if Microsoft’s advisory or local validation indicates exposure.

The disclosure path adds pressure. The researcher known as Nightmare-Eclipse published a working proof of concept before Microsoft issued guidance. Microsoft called the incident a violation of coordinated vulnerability disclosure practices. Whatever the dispute, defenders are left with the same immediate reality: public exploit code exists, and the permanent fix is not here.

The open questions are narrow but important:

  • Patch timing: Microsoft has not confirmed when a full update will arrive.
  • Advisory scope: Organizations still need to verify edge cases and server deployments against Microsoft’s current guidance rather than secondary summaries.
  • TPM+PIN limits: Microsoft recommends it, while the researcher claims to be withholding a stronger bypass.

Until Microsoft ships the permanent fix, the practical move is risk-ranked mitigation. Start with devices where physical compromise would create the highest damage. Then expand across the affected fleet. The watch item is not whether BitLocker remains useful; it does. The watch item is whether organizations can close this recovery-path gap before a lost device turns into a data-access incident.

Impact Analysis

  • YellowKey can bypass BitLocker with physical access even without credentials, malware, or network connectivity.
  • A public proof of concept exists while Microsoft has only issued mitigation guidance, not a full patch.
  • Lost, stolen, or unattended Windows devices remain at elevated risk if interim mitigations are not applied.

YellowKey Severity Rating

CVE-2026-45585
CVSS6.8
MLXIO

Written by

MLXIO Insights Team

Algorithmic Research & Human Oversight

Powered by advanced algorithmic research and perfected by human oversight. The Insights Team delivers highly structured, cross-verified analysis on emerging tech trends and digital shifts, filtering out the fluff to give you high-fidelity value.

Related Articles

a glass of beer
CybersecurityMay 30, 2026

Criminal Threat Backfires in Microsoft Nightmare Eclipse

Microsoft’s Nightmare Eclipse threat turned a Windows patch crisis into a trust fight with security researchers.

8 min read

cable network
CybersecurityJun 14, 2026

RoguePlanet Turns Microsoft Defender Into the Attack Path

RoguePlanet turns Microsoft Defender into the attack path, putting fully patched Windows 10/11 systems at SYSTEM-level risk.

8 min read

a dark room with a purple light coming out of the window
CybersecurityMay 18, 2026

MiniPlasma Zero-Day Grants SYSTEM Access on Patched Windows 11

MiniPlasma zero-day exploit lets attackers escalate privileges to SYSTEM on fully patched Windows 11, risking total system takeover before a fix arrives.

5 min read

a rack of electronic equipment in a dark room
CybersecurityJun 4, 2026

Secure Boot Deadline Puts Windows Fleets on 15-Day Clock

June 9 is the last Patch Tuesday before 2011 Secure Boot certs start expiring, squeezing Windows admins into a 15-day rollout.

6 min read

red padlock on black computer keyboard
CybersecurityMay 24, 2026

Secure Boot Deadline Could Strand Older Windows PCs

Windows PCs won’t stop booting, but outdated Secure Boot certificates could cut off future boot-chain security fixes.

5 min read

red xbox one game controller
TechnologyJul 9, 2026

8 New Xbox Game Pass Games Hit Before July 21 — See List

Xbox Game Pass gets eight new July 2026 games, while two more titles expand to Premium across cloud, console, PC and handheld.

6 min read

black and red nintendo switch
TechnologyJul 5, 2026

Sony Ditches Discs, Leaving Nintendo to Save Physical Games

Sony’s 2028 disc cutoff could leave Nintendo as gaming’s last physical holdout, turning boxed games into a shrinking exception.

7 min read

a close up of a motherboard with wires and wires attached to it
TechnologyJul 9, 2026

64GB GMKtec EVO-X1 Pro Bets OCuLink Can Win Buyers

GMKtec’s EVO-X1 Pro crams 64GB RAM, Ryzen AI, and OCuLink into a $1,249 mini-PC—but thermals will make or break it.

10 min read

Vintage blue police car with chrome details
CybersecurityJul 9, 2026

5 Cops Arrested After Flock Safety Logs Expose Stalking

Flock Safety audits exposed alleged LPR misuse by Georgia officers, raising a bigger question: how much insider tracking goes undetected?

7 min read

cable network
TradingJul 9, 2026

Third Trump Plug Sends Dell Stock on a 9% AI Server Tear

Dell stock jumped up to 9% after Trump’s latest plug landed on top of booming AI server demand—and raised ethics questions.

8 min read

Stay ahead of the curve

Get a weekly digest of the most important tech, AI, and finance news — curated by AI, reviewed by humans.

No spam. Unsubscribe anytime.