{"id":12963,"date":"2026-05-19T05:03:26","date_gmt":"2026-05-19T05:03:26","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/05\/19\/zero-day-exploit-against-windows-bitlocker-html\/"},"modified":"2026-05-19T05:03:26","modified_gmt":"2026-05-19T05:03:26","slug":"zero-day-exploit-against-windows-bitlocker-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/05\/19\/zero-day-exploit-against-windows-bitlocker-html\/","title":{"rendered":"Zero-Day Exploit Against Windows BitLocker"},"content":{"rendered":"\n<div>Zero-Day Exploit Against Windows BitLocker<\/div>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>It\u2019s <a href=\"https:\/\/arstechnica.com\/security\/2026\/05\/zero-day-exploit-completely-defeats-default-windows-11-bitlocker-protections\/\">nasty<\/a>, but it requires physical access to the computer:<\/p>\n<blockquote>\n<p>The exploit, named YellowKey, was <a href=\"https:\/\/github.com\/Nightmare-Eclipse\/YellowKey\">published<\/a> earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments.<\/p>\n<\/blockquote>\n<p>Slashdot <a href=\"https:\/\/tech.slashdot.org\/story\/26\/05\/14\/0554201\/mystery-microsoft-bug-leaker-keeps-the-zero-days-coming\">thread<\/a>. And <a href=\"https:\/\/github.com\/Nightmare-Eclipse\">here\u2019s<\/a> Nightmare-Eclipse\u2019s GitHub account.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Bruce Schneier<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.schneier.com\/blog\/archives\/2026\/05\/zero-day-exploit-against-windows-bitlocker.html\">Go to bruce schneier<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Zero-Day Exploit Against Windows BitLocker It\u2019s nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533,57,1264,1,395,517],"tags":[87],"class_list":["post-12963","post","type-post","status-publish","format-standard","hentry","category-bitlocker","category-bruce-schneier","category-exploits","category-uncategorized","category-windows","category-zero-day","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/12963"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=12963"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/12963\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=12963"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=12963"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=12963"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}