\n
![](\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/07\/exploit-vulnerability-security.jpg\")
<\/p>\n
\n<\/p>\n
A zero-day exploit circulating on-line permits folks with bodily entry to a Home windows 11 system to bypass default BitLocker protections and acquire full entry to an encrypted drive inside seconds.<\/p>\n
The exploit, named YellowKey, was printed<\/a> earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Home windows 11 deployments of BitLocker, the full-volume encryption safety Microsoft gives to make disk contents off-limits to anybody with out the decryption key, which is saved in a secured piece of {hardware} referred to as a trusted platform module (TPM). BitLocker is a compulsory safety for a lot of organizations, together with those who contract with governments.<\/p>\n The core of the YellowKey exploit is a custom-made FsTx folder. On-line documentation of this folder is difficult to search out. As defined later, the listing related to the file fstx.dll seems to contain what Microsoft calls the transactional NTFS<\/a>, which permits builders to have \u201ctransactional atomicity” for file operations in transactions with a single file, a number of information, or ones that span a number of sources.<\/p>\nWhen one disk quantity manipulates one other<\/h2>\n