Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
ID: 99ea5e7d-8b26-509f-8928-a773d446b312
STIX ID: report--99ea5e7d-8b26-509f-8928-a773d446b312
Feed Name: TechRepublic Security
Threat Score
Microsoft acknowledged a Windows zero-day named "YellowKey" that allows an attacker with physical access to bypass BitLocker by leveraging WinRE and a crafted FsTx USB payload; a public PoC exists, Microsoft published a temporary mitigation script (removing autofstx.exe) and recommends mitigations such as TPM+PIN while a permanent patch is awaited.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.