Your data at rest is not secure.

Earlier reports from Microsoft engineers stated that the FBI was pressuring them to add a backdoor.
Microsoft developer and cryptographer Niels Ferguson denied that BitLocker had any backdoor and said "over my dead body".
But now that seems to be becoming a confirmed reality.

BitLocker is a built-in Windows security feature that encrypts entire disks to protect data at rest against physical access.
It is closely tied to the TPM, and its cryptographic operations are accelerated in hardware.
The volume master key is unsealed at boot to decrypt the encrypted volumes on the fly.

A security researcher recently published a PoC exploit called "YellowKey" that bypasses BitLocker disk encryption.
The root cause seems to be a security bug inside the WinRE image that feels like a backdoor injected by Microsoft.
It allows an attacker with physical access to fully bypass BitLocker.
For whatever reason, only Windows 11 and Server 2022/2025 are affected; Windows 10 is not.

All it takes is a magic folder, a USB drive, and a held key.
A magic folder that no one outside Redmond can really explain.
And total silence from Microsoft raises real questions about how secure BitLocker actually is right now.

The whole exploit resides inside a specially crafted folder structure.
Copy it to a formatted USB drive at a specific path, hold down the SHIFT key and click Restart to enter the Windows Recovery Environment (WinRE), which triggers the vulnerability.
Hold down the CTRL key, and keep holding it, until a command prompt appears.
You can now mount the encrypted volumes with diskpart and access whatever you want.

The exploit also works without a USB drive.
Just pull out the disk, copy the folder to the Windows EFI system partition, and put the disk back.

The PoC works against BitLocker in TPM-only mode.
The researcher also claims to have another PoC for TPM+PIN mode.
In TPM-only mode, the volume master key is unsealed automatically without any human intervention.
There is no need to enter a PIN or password.
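The first thing a defender wants to know is which machines actually run in TPM-only mode, since that is the configuration the post says the PoC targets. The following PowerShell script is an added example, not code from the post or from the researcher; it uses the BitLocker module that ships with Windows and the `reagentc` tool to report, per volume, which key protectors are configured and whether WinRE is enabled. The function names `Get-BitLockerProtectorAudit` and `Add-TpmPinToOsVolume` are ours, and the script assumes an elevated PowerShell session on Windows 10/11 or Server.

```powershell
# Added example (not from the post): audit BitLocker protector types and WinRE state.
# Assumes an elevated PowerShell session; the BitLocker module is part of Windows.
Import-Module BitLocker -ErrorAction Stop

function Get-BitLockerProtectorAudit {
    # One record per volume: which protector types are present and whether the
    # volume unseals with the TPM alone (no PIN and no startup key required).
    foreach ($vol in Get-BitLockerVolume) {
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
        $needsUserSecret = @($types | Where-Object {
            $_ -in @('TpmPin', 'TpmStartupKey', 'TpmPinStartupKey', 'Password')
        })
        [pscustomobject]@{
            MountPoint       = $vol.MountPoint
            VolumeType       = $vol.VolumeType
            VolumeStatus     = $vol.VolumeStatus
            ProtectionStatus = $vol.ProtectionStatus
            Protectors       = ($types -join ', ')
            # TPM-only: a Tpm protector is present and nothing else is required at boot.
            TpmOnly          = ($types -contains 'Tpm') -and ($needsUserSecret.Count -eq 0)
        }
    }
}

function Add-TpmPinToOsVolume {
    # Hardening step: replace TPM-only unsealing on the OS volume with TPM+PIN.
    # Requires the policy "Require additional authentication at startup" to allow
    # a PIN; the PIN is prompted for as a SecureString and never written to disk.
    param([string]$MountPoint = $env:SystemDrive)
    $pin = Read-Host -Prompt "New BitLocker PIN" -AsSecureString
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $pin
}

# Report: flag every volume that unseals without human intervention.
$audit = Get-BitLockerProtectorAudit
$audit | Format-Table -AutoSize
$tpmOnly = $audit | Where-Object { $_.TpmOnly -and $_.VolumeType -eq 'OperatingSystem' }
if ($tpmOnly) {
    Write-Warning ("OS volume(s) in TPM-only mode: " + ($tpmOnly.MountPoint -join ', '))
}

# WinRE state: reports whether the recovery environment is enabled and where its image lives.
reagentc /info
```

Run the audit across a fleet (for example through remoting) and treat every OS volume reported as `TpmOnly` as one whose volume master key is released at boot with no user secret. `Add-TpmPinToOsVolume` adds a PIN protector in place; the post notes that the researcher claims a separate PoC for TPM+PIN, so read the result as removing the no-interaction path rather than as a complete fix. The `reagentc /info` line shows whether WinRE, the component the post names as the root cause, is enabled on the machine at all.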

The most reasonable thing to do now is to switch to free and open-source disk encryption software such as VeraCrypt.