1 article
Researcher collective Chaotic Eclipse released a proof-of-concept exploit for 'YellowKey,' an unpatched Windows BitLocker bypass that abuses the Windows Recovery Environment to gain access to encrypted drives without the PIN or password. No CVE has been assigned yet and Microsoft has not released a patch. Organisations relying on BitLocker for endpoint data protection should assess their exposure.