Forum Discussion
YellowKey BitLocker Exploit
Hi All I hope you are well. Anyway, the YellowKey BitLocker Exploit has came to my attention. We already have automatic / silent BitLocker encryption enabled. So, is there anything we should be ...
Microsoft has just published their guidance here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585
Thanks buddy, although I'm not sure what MS are asking us to do here on Entra ID joined / Intune enrolled devices that are in numerous offices throughout the country, as these do look like per device commands to me and we don't really want BitLocker PINs. Am I missing something?
SK
Good question. In theory, it ought to be possible to create a PowerShell Remediation script that checks whether the mitigation has been applied and runs the commands to apply it if needed. Why didn't Microsoft provide one?
Edit: The article was updated on May 21 to include a PowerShell remediation script.