BitLocker Security Vulnerability (CVE-2026-45585)
According to Microsoft’s official security advisory, a security feature bypass vulnerability has been identified in the Windows operating system. This vulnerability is assigned the identifier CVE-2026-45585 and is publicly referred to as “YellowKey.”
Under specific conditions, this vulnerability may allow an attacker to bypass certain BitLocker protection mechanisms, thereby compromising the security of data stored on the device.
Until Microsoft releases an official security update for this issue, Microsoft recommends that users strengthen BitLocker protection by enabling TPM + PIN dual authentication mode.
For detailed configuration steps, please refer to the following article: How to Configure BitLocker with TPM and PIN Authentication at Startup.
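To find devices that still unlock without a PIN, the following added example (not part of Microsoft's advisory or the referenced article) reports whether the operating system volume has a TPM + PIN protector and whether startup policy permits one. It assumes the built-in BitLocker PowerShell module, an elevated session, and the standard `FVE` policy registry key.

```powershell
# Added example (not from the advisory): report OS volumes without TPM + PIN.
# Assumes the built-in BitLocker module and an elevated PowerShell session.
#Requires -RunAsAdministrator

# Protector types that demand a PIN in addition to the TPM at startup.
$pinTypes = @('TpmPin', 'TpmPinStartupKey')

# Startup-authentication policy ("Require additional authentication at startup").
# UseTPMPIN: 0 = do not allow, 1 = require, 2 = allow.
$fve = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' -ErrorAction SilentlyContinue
$pinPolicyOk = ($null -ne $fve) -and ($fve.UseAdvancedStartup -eq 1) -and ($fve.UseTPMPIN -in 1, 2)

$report = foreach ($vol in Get-BitLockerVolume) {
    # Only the operating system volume is unlocked by the TPM at startup.
    if ($vol.VolumeType -ne 'OperatingSystem') { continue }

    $types  = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })
    $hasPin = @($types | Where-Object { $_ -in $pinTypes }).Count -gt 0

    $finding = if ($vol.ProtectionStatus -ne 'On') {
        'Protection is off or suspended'
    } elseif (-not $hasPin) {
        'No TPM + PIN protector (startup unlock does not require a PIN)'
    } else {
        'OK'
    }

    [pscustomobject]@{
        MountPoint       = $vol.MountPoint
        ProtectionStatus = $vol.ProtectionStatus
        Protectors       = $types -join ', '
        PinPolicyAllowed = $pinPolicyOk
        Finding          = $finding
    }
}

$report | Format-Table -AutoSize

# Non-zero exit code lets management tooling flag the device.
if (@($report | Where-Object Finding -ne 'OK').Count -gt 0) { exit 1 }
```

A `PinPolicyAllowed` value of `False` means the startup-authentication policy has to be set before a TPM + PIN protector can be added to the volume.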