Microsoft Windows 11: Difference between revisions

(2 intermediate revisions by the same user not shown)

Line 45:

|Forced updates that are released roughly every month tend to contain massive issues and sometimes don't actually include said update in the update. Multiple of these forced updates have caused businesses to temporarily go offline and have caused data losses for users of Windows 11.

|More users skip out on updates leaving devices vulnerable to hackers and some updates have caused irreversible data and profit losses.

|[[Windows 11 ~~Unstable &~~ forced updates]]

|[[Microsoft Windows 11 instability and forced updates]]

|-

|Unnecessary Hardware Requirements

Line 118:

|BitLocker has a built-in backdoor

|2026

|On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref>

|On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built-in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref>

The believe of this vulnerability being an intentional backdoor comes from the fact that the exploit abuses a flaw in a component found in WinRE, also known as the Windows Recovery Environment. This is weird as the same component can be found in normal, non-recovery Windows installations, but in those versions the component does not have this vulnerability.<ref>{{Cite web |date=16 May 2026 |title=Nightmare-Eclipse/YellowKey: YellowKey Bitlocker Bypass Vulnerability |url=https://github.com/Nightmare-Eclipse/YellowKey |url-status=live |archive-url=https://web.archive.org/web/20260514013722/https://github.com/Nightmare-Eclipse/YellowKey |archive-date=14 May 2026 |access-date=16 May 2026 |website=GitHub}}</ref>

@@ Line 45: / Line 45: @@
 |Forced updates that are released roughly every month tend to contain massive issues and sometimes don't actually include said update in the update. Multiple of these forced updates have caused businesses to temporarily go offline and have caused data losses for users of Windows 11.
 |More users skip out on updates leaving devices vulnerable to hackers and some updates have caused irreversible data and profit losses.
-|[[Windows 11 Unstable & forced updates]]
+|[[Microsoft Windows 11 instability and forced updates]]
 |-
 |Unnecessary Hardware Requirements
@@ Line 118: / Line 118: @@
 |BitLocker has a built-in backdoor
 |2026
-|On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref>
+|On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built-in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref>
 The believe of this vulnerability being an intentional backdoor comes from the fact that the exploit abuses a flaw in a component found in WinRE, also known as the Windows Recovery Environment. This is weird as the same component can be found in normal, non-recovery Windows installations, but in those versions the component does not have this vulnerability.<ref>{{Cite web |date=16 May 2026 |title=Nightmare-Eclipse/YellowKey: YellowKey Bitlocker Bypass Vulnerability |url=https://github.com/Nightmare-Eclipse/YellowKey |url-status=live |archive-url=https://web.archive.org/web/20260514013722/https://github.com/Nightmare-Eclipse/YellowKey |archive-date=14 May 2026 |access-date=16 May 2026 |website=GitHub}}</ref>