Linka (talk | contribs)
fixed wording to be less accusatory
 
Line 129: Line 129:
|[[Microsoft ends use of bypassnro.cmd for Windows 11]]
|[[Microsoft ends use of bypassnro.cmd for Windows 11]]
|-
|-
|BitLocker has a built-in backdoor
|BitLocker bypass
|2026
|2026
|On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built-in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref>
|On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built-in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref>


The believe of this vulnerability being an intentional backdoor comes from the fact that the exploit abuses a flaw in a component found in WinRE, also known as the Windows Recovery Environment. This is weird as the same component can be found in normal, non-recovery Windows installations, but in those versions the component does not have this vulnerability.<ref>{{Cite web |date=16 May 2026 |title=Nightmare-Eclipse/YellowKey: YellowKey Bitlocker Bypass Vulnerability |url=https://github.com/Nightmare-Eclipse/YellowKey |url-status=live |archive-url=https://web.archive.org/web/20260514013722/https://github.com/Nightmare-Eclipse/YellowKey |archive-date=14 May 2026 |access-date=16 May 2026 |website=[[GitHub]]}}</ref>
Some community members believe{{CitationNeeded}} that this vulnerability was an intentional backdoor comes from the fact that the exploit abuses a flaw in a component found in WinRE (Windows Recovery Environment) which can be found in normal, non-recovery Windows installations, but in those versions the component does not have this vulnerability.<ref>{{Cite web |date=16 May 2026 |title=Nightmare-Eclipse/YellowKey: YellowKey Bitlocker Bypass Vulnerability |url=https://github.com/Nightmare-Eclipse/YellowKey |url-status=live |archive-url=https://web.archive.org/web/20260514013722/https://github.com/Nightmare-Eclipse/YellowKey |archive-date=14 May 2026 |access-date=16 May 2026 |website=[[GitHub]]}}</ref>
|This backdoor let to all devices using BitLocker to no longer be protected when this exploit was made public. Due to this exploit all devices that were stolen before a patch for this backdoor was made are not protected from BitLocker. The full extend of the damages caused by this backdoor are unknown and a patch removing this backdoor has not yet released.
|This backdoor let to all devices using BitLocker to no longer be protected when this exploit was made public. Due to this exploit all devices that were stolen before a patch for this backdoor was made are not protected from BitLocker. The full extend of the damages caused by this backdoor are unknown and a patch removing this backdoor has not yet released.
|}
|}