Forum Discussion
YellowKey BitLocker Exploit
Hi All I hope you are well. Anyway, the YellowKey BitLocker Exploit has came to my attention. We already have automatic / silent BitLocker encryption enabled. So, is there anything we should be ...
I’ve been wondering about this too — looks quite serious.
From what I see, YellowKey abuses WinRE + FsTx to get a shell with the BitLocker volume already unlocked, no password or recovery key needed. So in practice, with physical access, default BitLocker setups can be bypassed.
For now, likely worth tightening things around
- pre-boot auth (TPM+PIN),
- USB boot restrictions,
- physical access controls.
Curious how Microsoft will address this.