Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft released a mitigation for YellowKey (CVE-2026-45585), a critical BitLocker bypass vulnerability affecting Windows 11 and Server 2025.

• •Exploits specially crafted FsTx files on USB/EFI partitions to bypass encryption with physical access
• •Attack requires booting into Windows Recovery Environment (WinRE) and pressing CTRL to spawn unrestricted shell
• •Mitigations include removing autofstx.exe from WinRE and switching BitLocker from TPM-only to TPM+PIN mode
• •Users can change protection via PowerShell, command line, or control panel
• •Administrators should enable 'Require additional authentication at startup' via Intune or Group Policies

This summary was automatically generated by AI based on the original article and may not be fully accurate.