Microsoft Deploys Emergency Fix for YellowKey BitLocker Bypass Flaw


Key Takeaways

  • Microsoft has issued an emergency mitigation for a newly disclosed BitLocker bypass dubbed YellowKey (CVE‑2026‑45585), which allows attackers with physical access to defeat Windows disk encryption.
  • The flaw exploits a trust relationship in the Windows Recovery Environment (WinRE) by manipulating the FsTx Auto Recovery Utility (autofstx.exe) to spawn an unrestricted command shell during pre‑boot recovery.
  • Affected systems include Windows 11 versions 24H2, 25H2, 26H1 and Windows Server 2025 (including Server Core), particularly those using TPM‑only BitLocker authentication.
  • Until a permanent patch arrives, Microsoft advises administrators to mount the WinRE image, edit its registry hive to remove the autofstx.exe entry from the BootExecute value, save the modified image, and re‑establish BitLocker trust.
  • Security experts warn that the mitigation requires careful testing, especially on customized recovery partitions or automated provisioning workflows.
  • Microsoft strongly recommends moving from TPM‑only to TPM+PIN configurations to add a pre‑boot authentication layer.
  • The public release of exploit code before a patch has reignited debate over responsible disclosure, with Microsoft citing a violation of coordinated vulnerability best practices while some researchers argue it accelerates mitigation.
  • YellowKey highlights the growing risk of “evil maid” attacks that target firmware, UEFI components, recovery partitions, and bootloaders—areas often overlooked in hardening programs.
  • Enterprises should audit BitLocker deployments, disable unnecessary recovery functionality, enforce TPM+PIN policies, restrict USB boot access, harden BIOS/UEFI settings, and monitor for unauthorized WinRE modifications.
  • No timeline has been given for a full security update addressing CVE‑2026‑45585; organizations must rely on the interim mitigation in the meantime.

Introduction
Microsoft’s Security Response Center has sounded the alarm over a newly disclosed vulnerability that enables attackers to bypass BitLocker encryption on Windows systems when they have physical access. Tracked as CVE‑2026‑45585 and nicknamed YellowKey, the flaw has prompted an emergency mitigation while a full patch is still under development. The vulnerability underscores the limits of relying solely on hardware‑based Trusted Platform Module (TPM) protections and highlights the need for layered pre‑boot authentication.

What Is YellowKey?
YellowKey was publicly detailed by independent security researcher Chaotic Eclipse, who demonstrated how the Windows Recovery Environment (WinRE) can be abused to gain unrestricted access to a BitLocker‑protected volume. The attack hinges on placing specially crafted “FsTx” files on a USB drive or the EFI partition, then rebooting the target machine into WinRE. By holding the CTRL key at a precise moment during recovery initialization, the system launches an elevated command shell that operates with full access to the encrypted drive, effectively nullifying BitLocker’s pre‑boot safeguards.

Technical Mechanics of the Bypass
The exploit leverages a trust assumption within WinRE that automatically runs the FsTx Auto Recovery Utility (autofstx.exe) to handle Transactional NTFS replay operations during recovery. When autofstx.exe executes, it processes the malicious FsTx files, which in turn trigger the spawning of a shell with SYSTEM‑level privileges. Because this occurs before BitLocker completes its authentication routine, the attacker can read, modify, or exfiltrate data on the encrypted volume without needing any credentials or network access.

Systems Confirmed Vulnerable
Microsoft’s advisory confirms that the flaw impacts several modern Windows releases: Windows 11 Version 24H2, 25H2, and 26H1 (all x64‑based), as well as Windows Server 2025 and its Server Core variant. Organizations that rely on TPM‑only BitLocker authentication are especially exposed, because the TPM automatically unlocks the drive once integrity checks pass, leaving no additional pre‑boot barrier for the attack to overcome.

Why Security Experts Are Concerned
Unlike traditional malware that requires phishing, malicious downloads, or network compromise, YellowKey operates solely through physical access and pre‑boot manipulation. Its simplicity—requiring only a USB port and the ability to reboot a machine—means virtually any unattended laptop, workstation, or server could be a target. The attack is particularly threatening for corporate laptops, government‑issued devices, shared workstations, border‑crossing travelers, data‑center recovery systems, and lost or stolen endpoints, where an “evil maid” scenario can be executed in seconds.

Researchers Point to Weakness in WinRE Trust Model
Security researcher Will Dormann explained that YellowKey exploits the automatic launch of autofstx.exe within WinRE. Microsoft’s interim mitigation disables this automatic behavior, thereby preventing the Transactional NTFS replay that enables the attack chain. Dormann notes that recovery environments are often overlooked in enterprise hardening despite being highly privileged components of the OS, making them an attractive target for adversaries seeking to bypass encryption controls.

Microsoft’s Recommended Mitigation
Until a permanent patch is released, Microsoft advises administrators to manually adjust the WinRE configuration on each affected device. The process involves:

  1. Mounting the WinRE Image – access the recovery partition or WIM file.
  2. Editing the Registry Hive – load the SYSTEM registry hive associated with the mounted image.
  3. Removing autofstx.exe – delete the autofstx.exe entry from the BootExecute value under the Session Manager key.
  4. Saving and Rebuilding the Recovery Image – unload the hive, commit changes, and re‑create the WinRE image.
  5. Re‑establishing BitLocker Trust – ensure the modified recovery environment is recognized as trusted by BitLocker.

Experts caution that this mitigation must be tested thoroughly, especially on systems with custom recovery partitions or automated provisioning pipelines, to avoid unintended boot failures.
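The five steps above, carried out with standard Windows tooling, as an added example that is not Microsoft's published script. It assumes an elevated PowerShell session, WinRE on the system drive, a free mount directory at C:\WinRE_Mount, and that suspending BitLocker for one reboot before re-registering WinRE with reagentc /enable is how the "trust" step is satisfied (an assumption; the article does not spell out the mechanism). Note that an offline hive has ControlSet001 rather than CurrentControlSet.

```powershell
# Added example: remove autofstx.exe from WinRE's BootExecute (not Microsoft's script).
# Assumes: Administrator, WinRE on C:, C:\WinRE_Mount unused, BitLocker on C:.
$ErrorActionPreference = 'Stop'
$mount   = 'C:\WinRE_Mount'
$hiveKey = 'WinRE_SYSTEM'   # temporary name for the offline hive
$smPath  = "HKLM:\$hiveKey\ControlSet001\Control\Session Manager"

# Suspend protection for one reboot so the changed recovery image does not
# trigger BitLocker recovery (assumption about the trust step, see lead-in).
Suspend-BitLocker -MountPoint 'C:' -RebootCount 1 | Out-Null

# 1. Disable WinRE so winre.wim is placed back on the OS volume, then mount it.
reagentc /disable | Out-Null
$wim = 'C:\Windows\System32\Recovery\Winre.wim'
if (-not (Test-Path $wim)) { throw "winre.wim not found at $wim" }
New-Item -ItemType Directory -Path $mount -Force | Out-Null
Mount-WindowsImage -ImagePath $wim -Index 1 -Path $mount | Out-Null

try {
    # 2. Load the image's SYSTEM hive under a temporary key.
    reg load "HKLM\$hiveKey" "$mount\Windows\System32\config\SYSTEM" | Out-Null

    # 3. Drop every BootExecute entry that references autofstx.exe; keep the rest
    #    (normally "autocheck autochk *") untouched.
    $before = (Get-ItemProperty -Path $smPath -Name BootExecute).BootExecute
    Write-Host "BootExecute before: $($before -join ' | ')"
    $after = @($before | Where-Object { $_ -notmatch 'autofstx' })
    Set-ItemProperty -Path $smPath -Name BootExecute -Value $after -Type MultiString

    # Verify the edit before anything is committed to the image.
    $check = (Get-ItemProperty -Path $smPath -Name BootExecute).BootExecute
    if ($check -match 'autofstx') { throw 'autofstx.exe still present in BootExecute' }
    Write-Host "BootExecute after:  $($check -join ' | ')"
}
finally {
    # Release handles to the hive, then unload it so the WIM can be saved cleanly.
    [gc]::Collect(); [gc]::WaitForPendingFinalizers()
    reg unload "HKLM\$hiveKey" | Out-Null
}

# 4. Commit the change into winre.wim and re-register the recovery image.
Dismount-WindowsImage -Path $mount -Save | Out-Null
reagentc /enable | Out-Null
reagentc /info

# 5. Resume BitLocker now that the modified WinRE is registered
#    (protection would also resume on its own after the next reboot).
Resume-BitLocker -MountPoint 'C:' | Out-Null
```

Run it on a test machine with a known-good recovery password first; on devices with a vendor-customized recovery partition, inspect the "before" output and confirm only the autofstx entry was dropped.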

TPM‑Only Encryption Under Scrutiny
Microsoft’s advisory strongly urges organizations to abandon TPM‑only BitLocker in favor of TPM+PIN configurations, which require a startup PIN in addition to TPM validation. Under TPM‑only mode, the TPM automatically unlocks the drive if integrity checks succeed, offering convenience but insufficient resistance to sophisticated physical attacks. Administrators can enable TPM+PIN via PowerShell, command‑line utilities, Microsoft Intune, Group Policy, or Control Panel settings, and should enforce the “Require additional authentication at startup” policy coupled with “Configure TPM startup PIN → Require startup PIN with TPM.”
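An audit-and-remediate script for the TPM-only exposure described above, as an added example rather than anything from the advisory. It assumes an elevated session on a single machine, and that the local policy registry values UseAdvancedStartup and UseTPMPIN under HKLM\SOFTWARE\Policies\Microsoft\FVE correspond to the two Group Policy settings named in the text (an assumption; in a domain, set them through GPO or Intune instead).

```powershell
# Added example: find TPM-only BitLocker volumes and convert the OS volume to TPM+PIN.
# Assumes: Administrator; FVE policy value names below mirror the GPO settings (assumption).
$ErrorActionPreference = 'Stop'

function Get-TpmOnlyVolumes {
    # TPM-only means a 'Tpm' protector with no PIN-bearing protector alongside it.
    Get-BitLockerVolume | Where-Object {
        $types = $_.KeyProtector.KeyProtectorType
        ($types -contains 'Tpm') -and
        -not ($types -contains 'TpmPin' -or $types -contains 'TpmPinStartupKey')
    }
}

function Enable-TpmPinPolicy {
    # Local equivalent of "Require additional authentication at startup" plus
    # "Configure TPM startup PIN: Require startup PIN with TPM" (1 = Require).
    $fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    New-Item -Path $fve -Force | Out-Null
    Set-ItemProperty -Path $fve -Name UseAdvancedStartup -Value 1 -Type DWord
    Set-ItemProperty -Path $fve -Name UseTPMPIN          -Value 1 -Type DWord
}

function Convert-ToTpmPin {
    param([string]$MountPoint, [securestring]$Pin)
    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    # A recovery password is the safety net while the TPM protector is replaced;
    # never remove the TPM protector without one on file.
    if (-not ($vol.KeyProtector.KeyProtectorType -contains 'RecoveryPassword')) {
        Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
        Write-Warning "Recovery password added to $MountPoint; escrow it (Backup-BitLockerKeyProtector) before rebooting."
    }
    # Replace the TPM-only protector with TPM+PIN.
    $vol.KeyProtector | Where-Object KeyProtectorType -eq 'Tpm' | ForEach-Object {
        Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $_.KeyProtectorId | Out-Null
    }
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $Pin | Out-Null
    (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
        Select-Object KeyProtectorType, KeyProtectorId
}

# Report first, then convert the OS volume with a PIN entered interactively.
$tpmOnly = Get-TpmOnlyVolumes
$tpmOnly | Select-Object MountPoint, VolumeStatus,
    @{n = 'Protectors'; e = { $_.KeyProtector.KeyProtectorType -join ',' }} | Format-Table
if ($tpmOnly.MountPoint -contains 'C:') {
    Enable-TpmPinPolicy
    Convert-ToTpmPin -MountPoint 'C:' -Pin (Read-Host -Prompt 'Startup PIN' -AsSecureString)
}
```

The report alone (the first two lines after the functions) is a quick way to inventory which machines in a fleet still rely on the TPM-only configuration the advisory warns about.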

Public Disclosure Sparks Debate Over Responsible Research
The early release of YellowKey’s proof‑of‑concept code has ignited a discussion about coordinated vulnerability disclosure. Microsoft criticized the public release, asserting it violates coordinated disclosure best practices and could accelerate real‑world exploitation. Conversely, some researchers argue that public disclosure pressures vendors to expedite mitigations and gives defenders a clearer view of actual risk, enabling more effective defensive measures. The incident reflects broader tensions in the cybersecurity community regarding the timing and manner of exploit detail dissemination.

Broader Implications for Enterprise Security
YellowKey serves as a stark reminder that encryption alone does not guarantee security if recovery and boot processes remain vulnerable. Modern attacks increasingly target firmware, UEFI components, recovery partitions, bootloaders, and pre‑authentication workflows—areas that often receive less scrutiny than the operating system proper. Enterprises are now urged to: audit BitLocker deployment configurations, disable unnecessary recovery features, enforce TPM+PIN policies, restrict USB boot access, harden BIOS/UEFI settings, and monitor for unauthorized modifications to WinRE. For many organizations, the vulnerability will reinforce the principle that physical access remains one of the most potent threat vectors in today’s threat landscape.

Conclusion
While Microsoft works on a permanent security update for CVE‑2026‑45585, the interim mitigation provides a concrete step for administrators to reduce immediate risk. The episode highlights the necessity of moving beyond TPM‑only authentication, scrutinizing recovery environments, and maintaining rigorous physical‑access controls. As the cybersecurity community continues to debate disclosure practices, the YellowKey incident will likely shape future strategies for defending against pre‑boot and firmware‑level attacks.
