A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain full access to an encrypted drive within seconds.
The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments.
When one disk volume manipulates another
The core of the YellowKey exploit is a custom-made FsTx folder. Online documentation of this folder is hard to find. As explained later, the directory associated with the file fstx.dll appears to involve what Microsoft calls transactional NTFS, which allows developers to have “transactional atomicity” for file operations in transactions with a single file, multiple files, or ones that span multiple sources.







