Zero-Day Exploit Against Windows BitLocker - Schneier on Security

It’s nasty, but it requires physical access to the computer:

The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments.

Slashdot thread. And here’s Nightmare-Eclipse’s GitHub account.

Tags: BitLocker, exploits, Windows, zero-day

Posted on May 18, 2026 at 7:08 AM •

Zero-Day Exploit Against Windows BitLocker - Schneier on Security

Other newsrooms on this story

Related reading

Zero-day exploit completely defeats default Windows 11 BitLocker protections

Windows BitLocker zero-day gives access to protected drives, PoC released

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

Windows-Sicherheitslücken: BitLocker-Problem und Rechteausweitung

YellowKey: una chiavetta USB può aggirare BitLocker

Súlyos hibát találtak a Windows 11-ben, védelem nélkül maradhatnak az adatai