It's not entirely clear how the exploit works. Microsoft says it's investigating.

Ars Technica is known for its  coverage of technology-related news and analysis, ranging from scientific breakthroughs to the latest gadgets and gaming developments. Readers can learn about emerging technologies, industry trends, and the societal impact of technological advancements through detailed articles and reviews.

Ars Technica

A zero-day exploit called YellowKey, published by researcher Nightmare-Eclipse, bypasses default BitLocker encryption on Windows 11 systems with physical access. By placing a custom FsTx folder on a USB drive and booting into Windows Recovery, an attacker gains full CMD access to the encrypted drive without needing a BitLocker recovery key. The exploit appears to abuse Transactional NTFS internals. Multiple security researchers have confirmed it works. Microsoft says it is investigating.

Zero-day exploit completely defeats default Windows 11 BitLocker protections

How Scientists Respond to Science Deniers