Microsoft has released official fixes for the YellowKey vulnerability, which allows BitLocker to be bypassed and has already been publicly disclosed as a zero-day. The vulnerability is tracked as CVE-2026-45585 and has a CVSS score of 6.8.
A new Windows vulnerability that allows BitLocker encryption protections to be bypassed was disclosed by the tech firm YellowKey. The vulnerability (CVE-2026-45585) could allow an attacker to gain access to encrypted files under certain circumstances; however, Microsoft stated that it has no evidence of it being used in actual attacks at this time.
After researcher details of how the attack worked were made public last week, Microsoft rapidly developed workarounds to protect users' Windows machines running BitLocker.
Microsoft noted that the bug affects how BitLocker protects data during the initial system startup process. As a result, it would allow a malicious actor to bypass one or more of the security checks normally performed to prevent unauthorized access to a device that uses disk-level encryption.
Microsoft recommends that administrators and users implement its mitigation steps as quickly as possible and review the BitLocker configuration on all Windows-based devices. Additionally, Microsoft believes that using a Trusted Platform Module (TPM) and Secure Boot, and keeping up to date with the latest security patches, can help minimize exposure to potential exploitation of CVE-2026-45585.
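A read-only way to review the TPM, Secure Boot and BitLocker settings named above on a single machine, as an added example that is not taken from Microsoft's guidance or from the original article. It uses the built-in Get-Tpm, Confirm-SecureBootUEFI and Get-BitLockerVolume cmdlets; the function names and pass criteria are assumptions chosen for illustration and are not Microsoft's mitigation steps for CVE-2026-45585.

```powershell
#Requires -RunAsAdministrator
# Added example: read-only review of TPM, Secure Boot and BitLocker state.
# New-Finding, Get-BootProtectionPosture and the pass criteria are illustrative
# assumptions, not Microsoft's published mitigation for the CVE.

function New-Finding($Check, $Target, $Pass, $Detail) {
    [pscustomobject]@{ Check = $Check; Target = $Target; Pass = [bool]$Pass; Detail = $Detail }
}

function Get-BootProtectionPosture {
    # TPM must be present and ready before BitLocker can seal keys to it.
    $tpm = Get-Tpm
    New-Finding 'TPM present and ready' 'Platform' ($tpm.TpmPresent -and $tpm.TpmReady) `
        "Present=$($tpm.TpmPresent) Ready=$($tpm.TpmReady)"

    # Confirm-SecureBootUEFI throws on legacy BIOS systems; treat that as "not enabled".
    try   { $secureBoot = Confirm-SecureBootUEFI -ErrorAction Stop }
    catch { $secureBoot = $false }
    New-Finding 'Secure Boot enabled' 'Platform' $secureBoot "Enabled=$secureBoot"

    foreach ($vol in Get-BitLockerVolume) {
        # Collect protector types as strings (Tpm, TpmPin, RecoveryPassword, ...).
        $types  = @($vol.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        $detail = "Status=$($vol.VolumeStatus) Protectors=$($types -join ',')"

        # ProtectionStatus 'Off' covers both unencrypted and suspended volumes.
        New-Finding 'BitLocker protection on' $vol.MountPoint `
            ($vol.ProtectionStatus -eq 'On') $detail

        if ($vol.VolumeType -eq 'OperatingSystem') {
            # Tpm, TpmPin, TpmStartupKey and TpmPinStartupKey all begin with "Tpm".
            $tpmBacked = @($types | Where-Object { $_ -like 'Tpm*' }).Count -gt 0
            New-Finding 'OS volume key is TPM-backed' $vol.MountPoint $tpmBacked $detail
        }
    }
}

Get-BootProtectionPosture | Format-Table -AutoSize -Wrap
```

Run it from an elevated PowerShell session; rows with Pass set to False are the ones to review first.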
This disclosure comes amid a growing trend of attacks on the encryption and protective measures used by Windows. Within the past few months, Microsoft has been forced to release emergency fixes for several other zero-day vulnerabilities affecting Exchange Server, Office and Windows Shell, because these vulnerabilities are actively being exploited.
At this time, Microsoft has established no timeline for the full patch of CVE-2026-45585. Instead, it is providing interim safeguards designed to offer some level of protection against further compromise of BitLocker through the bypass of its security features until a complete fix is available.