Dave explains the new YellowKey exploit that can use a simple USB stick to unlock a BitLocker drive.

Dave's Garage's resource offers insights, tutorials, and resources for technology enthusiasts and DIYers. Readers can learn about electronics, hardware hacking, and DIY projects. With tutorials, project guides, and community forums, Dave's Garage provides resources for makers and hobbyists interested in tinkering with technology.

Dave's Garage

A newly disclosed BitLocker bypass called Yellow Key, released on May 12th by Nightmare/Chaotic Eclipse, allows attackers with brief physical access to unlock BitLocker-encrypted volumes on Windows 11 and Windows Server 2022/2025 without a password, recovery key, or TPM sniffing. The exploit abuses the Windows Recovery Environment (WinRE) transaction repair handling in the FSTX folder, tricking WinRE into mounting BitLocker-protected volumes as read-write during a recovery flow. A proof of concept is already on GitHub. Default TPM-only BitLocker configurations are silently vulnerable because the convenience unlock mechanism is exactly what the exploit rides. Windows 10 is reportedly not affected. Active exploitation has already been claimed.

Yellow Key: BitLocker has been Broken! Don't lose your laptop!