CRITICALZero Day
Global

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

·Source: The Hacker News

Updated:

Executive Summary

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. "Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as 'YellowKey,'" the

Analysis

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. "Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as 'YellowKey,'" the

Indicators of Compromise (1)

CVE (1)
CVE-2026-45585
NVDMITRE CVE
Source Attribution

Originally published by The Hacker News on May 20, 2026.

Related Threats

CRITICALZero Day

How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)

We explain how a flaw in ExifTool allows attackers to compromise macOS systems via a malicious image (CVE-2026-3102).

CVE-2026-3102
Securelist (Kaspersky)
CRITICALZero Day

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives. [...]

BleepingComputer
CRITICALZero Day

Windows Zero-Day Barrage Continues After Patch Tuesday

YellowKey, GreenPlasma, and MiniPlasma add to the growing list of vulnerabilities a security researcher disclosed over the past six weeks.

Dark Reading