There you have it. The same researcher who dropped two Linux zero-days that were exploited in the…
May 15, 2026
There you have it. The same researcher who dropped two Linux zero-days that were exploited in the wild within DAYS just published two more — this time targeting Windows BitLocker and privilege escalation.
Microsoft has no patch. No CVE. No timeline. NOTHING.
The exploit is called YellowKey. Here's how it works: copy a crafted folder to a USB drive, plug it into a BitLocker-protected Windows 11 machine, boot into Recovery Environment, hold Ctrl. Full command-line access to the encrypted drive. No recovery key. No credentials.
Read that again. A USB drive and 30 seconds of physical access defeats the encryption the entire U.S. government contractor base relies on for compliance.
Kevin Beaumont confirmed it works. Will Dormann reproduced it independently and found something worse — a fundamental filesystem isolation failure in Transactional NTFS that lets one volume modify the contents of another. That's not a BitLocker bug. That's a structural design failure.
And the researcher says TPM+PIN doesn't stop it either. They just haven't published THAT exploit yet.
Why is this researcher dropping zero-days publicly instead of reporting them? Because Microsoft's bug bounty process failed them. Their exact words: they intend to keep leaking exploits for undocumented Windows vulnerabilities and promised "a big surprise" for the next Patch Tuesday.
Microsoft's arrogance created this. Ignore researchers long enough and they stop calling. They start publishing.
A DISGRACE.
If your organization has government contracts and relies on BitLocker for compliance — your encrypted drives are currently bypassable by anyone with physical access. Windows 11, Server 2022, Server 2025. All of them.
Set a BitLocker PIN AND a BIOS password. Today. Not next sprint. Today.
The researcher already promised more is coming. Microsoft hasn't fixed the last batch.
Time to wake up!
Full breakdown on UnbiasedHeadlines.com — our common-sense unbiased news site built entirely by AI agents. No spin. No bias. Just the facts corporate media won't touch.
https://lnkd.in/eU57mNTF
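An added example, not part of the original post: a PowerShell audit for the "set a BitLocker PIN" advice above, listing each volume's key protectors and flagging OS volumes that unlock at boot without a PIN. It uses the built-in `Get-BitLockerVolume` cmdlet; the function name `Get-BitLockerPinAudit` is hypothetical, and the BIOS password has to be checked separately in firmware setup.

```powershell
# Run from an elevated PowerShell prompt (the BitLocker module needs admin rights).
# Protector types that require a PIN before the volume key is released.
$PinProtectorTypes = 'TpmPin', 'TpmPinStartupKey'

function Get-BitLockerPinAudit {
    Get-BitLockerVolume | ForEach-Object {
        # Collect the protector type names configured on this volume.
        $types  = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })
        $hasPin = [bool]($types | Where-Object { $PinProtectorTypes -contains $_ })

        $finding = if ($_.ProtectionStatus -ne 'On') {
            'protection is off or suspended'
        } elseif ($_.VolumeType -eq 'OperatingSystem' -and -not $hasPin) {
            'OS volume unlocks at boot without a PIN'
        } else {
            'ok'
        }

        [pscustomobject]@{
            MountPoint    = $_.MountPoint
            VolumeType    = $_.VolumeType
            Protection    = $_.ProtectionStatus
            Protectors    = ($types -join ', ')
            HasPreBootPin = $hasPin
            Finding       = $finding
        }
    }
}

Get-BitLockerPinAudit | Format-Table -AutoSize

# To add a PIN to a TPM-protected OS volume (assumes the volume is C: and that the
# "Require additional authentication at startup" policy permits TPM+PIN):
#   $pin = Read-Host -AsSecureString 'New BitLocker PIN'
#   Add-BitLockerKeyProtector -MountPoint 'C:' -Pin $pin -TpmAndPinProtector
```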