Microsoft issues YellowKey mitigation, no patch yet
ID: e507b247-1302-5306-98ef-33f36db3f145
STIX ID: report--e507b247-1302-5306-98ef-33f36db3f145
Feed Name: Security Affairs
Microsoft acknowledged the YellowKey vulnerability (CVE-2026-45585), a BitLocker security-feature bypass affecting Windows 11 (24H2/25H2/26H1) and Windows Server 2025. A proof-of-concept released publicly by Chaotic Eclipse leverages specially crafted FsTx files and the WinRE autofstx.exe to obtain an unrestricted shell and access BitLocker-protected volumes. Microsoft has issued manual mitigations (disabling autofstx.exe in the WinRE image and re-establishing BitLocker trust) and strongly recommends switching from TPM-only to TPM+PIN. There is no official patch yet.
