Microsoft Windows 11: Difference between revisions
m →Consumer impact summary: Style. |
|||
| Line 118: | Line 118: | ||
|BitLocker has a built-in backdoor | |BitLocker has a built-in backdoor | ||
|2026 | |2026 | ||
|On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref> | |On the 12th of May 2026, a security researcher going by the GitHub screen-name of 'Nightmare Eclipse' published a hacking tool known as 'YellowKey' that bypassed Microsoft's BitLocker encryption on Windows 11 and on Windows Server 2022 to 2025. What made this vulnerability different from others is that it was seemingly a built-in backdoor in the BitLocker encryption system.<ref>{{Cite web |last=Lakshmanan |first=Ravie |date=14 May 2026 |title=Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation |url=https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |url-status=live |archive-url=https://web.archive.org/web/20260514181052/https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html |archive-date=14 May 2026 |access-date=16 May 2026 |website=The Hacker News}}</ref> | ||
The believe of this vulnerability being an intentional backdoor comes from the fact that the exploit abuses a flaw in a component found in WinRE, also known as the Windows Recovery Environment. This is weird as the same component can be found in normal, non-recovery Windows installations, but in those versions the component does not have this vulnerability.<ref>{{Cite web |date=16 May 2026 |title=Nightmare-Eclipse/YellowKey: YellowKey Bitlocker Bypass Vulnerability |url=https://github.com/Nightmare-Eclipse/YellowKey |url-status=live |archive-url=https://web.archive.org/web/20260514013722/https://github.com/Nightmare-Eclipse/YellowKey |archive-date=14 May 2026 |access-date=16 May 2026 |website=GitHub}}</ref> | The believe of this vulnerability being an intentional backdoor comes from the fact that the exploit abuses a flaw in a component found in WinRE, also known as the Windows Recovery Environment. This is weird as the same component can be found in normal, non-recovery Windows installations, but in those versions the component does not have this vulnerability.<ref>{{Cite web |date=16 May 2026 |title=Nightmare-Eclipse/YellowKey: YellowKey Bitlocker Bypass Vulnerability |url=https://github.com/Nightmare-Eclipse/YellowKey |url-status=live |archive-url=https://web.archive.org/web/20260514013722/https://github.com/Nightmare-Eclipse/YellowKey |archive-date=14 May 2026 |access-date=16 May 2026 |website=GitHub}}</ref> | ||