← Back to Feed CACHED · 2026-05-17 09:42:19 · cache_key CVE-2025-29912
CVE-2026-45585 · CWE-77 · Disclosed 2026-05-20

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as &quot

ASSESSED — NOISGATE V0.5
Vendor
Reassessed
Verdict:
01 · The Real Story

This is a master key for a locked car that only works after the thief already has the car in the garage

CVE-2026-45585, aka *YellowKey*, is a Windows BitLocker security-feature bypass tied to WinRE trust behavior. Officially tracked affected platforms are Windows 11 24H2/25H2/26H1 x64 and Windows Server 2025, with a public PoC showing a crafted FsTx payload on removable media or EFI storage can trigger a shell in WinRE and expose a BitLocker-protected volume. Microsoft explicitly states systems using TPM+PIN are not exploitable, which sharply narrows the vulnerable population inside mature fleets.

Microsoft's MEDIUM 6.8 baseline is broadly fair, and if anything slightly generous for enterprise patch prioritization. The impact is ugly—loss of confidentiality of data at rest on a lost or stolen device—but the decisive friction is attacker position: this is physical-only, offline, per-device exploitation, not something an internet adversary can spray across 10,000 hosts. Public PoC availability keeps it important, especially for mobile fleets, but it is still not a front-of-queue remote compromise issue.

"Serious for stolen TPM-only laptops, but the physical-access requirement keeps this out of the top patch tier."
02 · The Attack Path

4 steps from start to impact.

STEP 01

Stage the YellowKey payload

The public Nightmare-Eclipse/YellowKey PoC uses a crafted FsTx directory placed on a USB device or, per the researcher's notes, copied into the EFI partition. This is not a memory-corruption exploit chain; it is a pre-boot trust-abuse setup step using published artifacts.
Conditions required:
  • Attacker has hands-on access to the endpoint or removed disk
  • Target runs an affected Windows release
  • Attacker can insert USB media or modify EFI storage
Where this breaks in practice:
  • Requires physical possession, which usually means theft, brief access, depot access, border seizure, or insider handling
  • EDR and network controls do not help much before the OS boots, but basic physical custody policies do
  • Tamper-evident custody and secure storage break many real-world opportunities
Detection/coverage: Traditional vuln scanners can flag affected OS versions, but they usually cannot prove exploitability without checking BitLocker protector state.
STEP 02

Boot into WinRE

The PoC workflow reboots the device into the Windows Recovery Environment and relies on pre-boot interaction to reach the vulnerable path. The published reproduction uses Shift+Restart followed by a key sequence during reboot, but an attacker with physical possession can also work from offline recovery scenarios.
Conditions required:
  • Attacker can reboot the endpoint
  • WinRE is present and reachable
  • Boot protections do not block the recovery workflow being abused
Where this breaks in practice:
  • Some enterprises lock down external boot paths and tightly control firmware access
  • Devices already under user control and online are harder to attack than unattended or stolen laptops
  • Secure Boot is not a full fix here because the trust issue is inside the signed recovery path
Detection/coverage: Look for unusual recovery boots, BitLocker recovery events, or WinRE servicing changes, but telemetry is weaker than for in-OS attacks.
STEP 03

Trigger the WinRE shell path

The YellowKey PoC abuses a WinRE component path to spawn an elevated shell with access to the protected volume. Reporting around Microsoft's interim guidance indicates the mitigation centers on removing the autofstx.exe entry from WinRE BootExecute and restoring BitLocker trust in WinRE.
Conditions required:
  • The WinRE image still contains the vulnerable behavior
  • The interim mitigation has not been applied
  • The system is using a susceptible BitLocker protector model
Where this breaks in practice:
  • Microsoft's interim mitigation can neutralize this path before a full security update lands
  • Fleet admins who have already hardened WinRE or rebuilt images may not be exposed
  • TPM+PIN blocks the vulnerable trust assumption per Microsoft
Detection/coverage: Image-based compliance checks and WinRE configuration audits are more useful than runtime detection.
STEP 04

Read data from the BitLocker volume

Once the shell is obtained in the trusted pre-boot path, the attacker can access data on what should have been a protected BitLocker volume. The practical outcome is offline data exposure on that single endpoint, which matters most for laptops with sensitive local data or cached secrets.
Conditions required:
  • BitLocker is enabled in a vulnerable mode such as TPM-only
  • Sensitive data exists locally on the device
  • Attacker has enough time to extract or copy data
Where this breaks in practice:
  • Blast radius is one device at a time, not domain-wide
  • Server populations are usually less exposed to theft than mobile endpoints
  • Organizations with low local-data footprints reduce the payoff
Detection/coverage: Post-event detection is mostly forensic: lost-device reports, unexpected recovery boot artifacts, and signs of offline access.
03 · Intelligence Metadata

The supporting signals.

In-the-wild statusAs of 2026-05-30, there is public PoC disclosure and vendor acknowledgement, but I found no CISA KEV entry and no authoritative confirmation of active campaigns. Treat this as *publicly weaponizable*, not *confirmed at-scale exploitation*.
PoC availabilityYes — public PoC in Nightmare-Eclipse/YellowKey, with reproducible steps using FsTx, WinRE, and a key sequence.
EPSS0.00113 from your intel block — extremely low probability in the 30-day mass-exploitation model, which fits a physical/offline attack surface better than a remotely wormable one.
KEV statusNot listed in CISA KEV as of 2026-05-30; no due date because it is absent from the catalog.
CVSS vectorCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H — the whole story is in AV:P: easy to execute *after physical possession*, with high impact to the device's data-at-rest boundary.
Affected versionsOfficial NVD CPEs show Windows 11 24H2 x64, 25H2 x64, 26H1 x64, and Windows Server 2025. The public researcher also claimed additional scope, but that is not what NVD currently enumerates.
Fixed / mitigated stateNo full security update/version is publicly documented yet. Microsoft issued mitigation guidance and states TPM+PIN is not exploitable.
Exposure populationInternet scanning data from Shodan/Censys/GreyNoise is largely not meaningful here because the attack is *offline and physical*, not network-reachable. The relevant exposure metric is the number of traveling or stealable TPM-only BitLocker devices in your fleet.
Disclosure date2026-05-20 public vendor disclosure/NVD publication window; NVD shows initial publication on 2026-05-19 and later modification on 2026-05-22.
Researcher / reporterPublic PoC attributed to Nightmare-Eclipse / Chaotic Eclipse via GitHub; Microsoft is the CNA and published the mitigation advisory.
04 · The Call

noisgate verdict.

Final Verdict
= UNCHANGED to MEDIUM (5.9/10)

The single biggest driver is the physical-access requirement: this is a post-theft or hands-on attack, not a remotely reachable fleet-wide compromise path. That keeps the reachable population narrow even though the confidentiality impact on an individual TPM-only laptop can be severe.

HIGH Attacker-position friction is the dominant risk reducer
HIGH TPM+PIN materially removes exploitability per Microsoft
MEDIUM Exact affected-version scope beyond NVD-listed platforms

Why this verdict

  • Downgrade for attacker position: the vendor starts at 6.8, but AV:P means the adversary must already have the device or its storage in hand. That implies theft, insider access, border seizure, repair-chain access, or a similar high-friction precondition.
  • Downgrade for reachable population: this is not externally scannable and not remotely sprayable. In a 10,000-host enterprise, the exposed slice is the subset of affected Windows builds using TPM-only BitLocker on physically mobile assets.
  • Hold at medium because the impact is real and the PoC is public: once the attacker reaches the device, the control being bypassed is your data-at-rest boundary. For laptop-heavy fleets, that is not academic risk.

Why not higher?

There is no unauthenticated remote path, no internal lateral-movement shortcut, and no tenant-wide or domain-wide blast radius. Each extra prerequisite—physical possession, reboot access, affected BitLocker configuration, unmitigated WinRE path—pushes this down from emergency patch territory.

Why not lower?

This is not harmless edge-case noise because it directly defeats a security boundary many enterprises rely on for lost or stolen devices. Public PoC plus high confidentiality impact on common mobile endpoints keeps it above backlog-only hygiene.

05 · Compensating Control

What to do — in priority order.

  1. Move TPM-only devices to TPM+PIN — Use this first on executive, travel, contractor, and high-data-sensitivity laptops. Microsoft states TPM+PIN is not exploitable; for a MEDIUM verdict there is no mitigation SLA, so treat this as targeted hardening during the normal remediation window rather than an emergency fleet scramble.
  2. Audit BitLocker protector state fleet-wide — Identify affected Windows 11/Server 2025 assets where the OS volume uses plain TPM without pre-boot auth. This is the fastest way to reduce the population that actually matters and should be completed early in the 365-day remediation window.
  3. Apply Microsoft's WinRE mitigation on higher-risk endpoints — Where operationally tolerable, implement the vendor's interim WinRE mitigation on laptops that leave controlled facilities. Because the verdict is MEDIUM, there is no mitigation SLA; prioritize based on theft exposure and data sensitivity.
  4. Tighten physical custody controls — Lost/stolen-device workflows, secure storage, shipping-chain controls, and repair/vendor handling materially cut the only realistic initial-access path. For this CVE, physical security is not a side note; it is a primary exploit blocker.
What doesn't work
  • EDR alone doesn't solve pre-boot abuse because the attacker acts before the normal OS and userland telemetry stack is active.
  • Perimeter firewalls, WAFs, and email gateways are irrelevant because there is no network delivery path.
  • Secure Boot is helpful generally but does not by itself fix a trust issue inside a signed WinRE workflow.
06 · Verification

Crowdsourced verification payload.

Run this on the target Windows endpoint in an elevated PowerShell session (Run as Administrator). Example: powershell.exe -ExecutionPolicy Bypass -File .\Test-YellowKey.ps1. It needs local admin rights to query BitLocker state. PATCHED in this script means not exploitable / effectively mitigated for YellowKey today, usually because the device uses TPM+PIN or stronger pre-boot auth; it does not mean Microsoft has shipped a permanent security update.

noisgate-verify.ps1
POWERSHELLREAD-ONLYSAFE
# Test-YellowKey.ps1

# Detect likely exposure to CVE-2026-45585 / YellowKey on the local Windows host.

# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN


$ErrorActionPreference = 'Stop'

function Write-Result {
    param(
        [string]$State,
        [string]$Reason,
        [int]$Code
    )
    Write-Output "$State - $Reason"
    exit $Code
}

try {
    $os = Get-CimInstance Win32_OperatingSystem
    $cs = Get-CimInstance Win32_ComputerSystem
    $productType = $os.ProductType   # 1=Workstation, 2=DC, 3=Server

    $caption = [string]$os.Caption
    $build = [int]$os.BuildNumber
    $displayVersion = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -ErrorAction SilentlyContinue).DisplayVersion

    $isServer2025 = ($productType -ne 1 -and $caption -match 'Server 2025')
    $isWin11 = ($productType -eq 1 -and $caption -match 'Windows 11')

    # Officially tracked affected workstation releases are Win11 24H2/25H2/26H1 x64.

    $isAffectedClientRelease = $false
    if ($isWin11 -and $cs.SystemType -match 'x64') {
        if ($displayVersion -in @('24H2','25H2','26H1')) {
            $isAffectedClientRelease = $true
        }
    }

    $isAffectedOS = $isServer2025 -or $isAffectedClientRelease
    if (-not $isAffectedOS) {
        Write-Result -State 'PATCHED' -Reason 'Host is not on an officially tracked affected OS/release for YellowKey.' -Code 0
    }

    $osDrive = $env:SystemDrive.TrimEnd(':') + ':'
    $blv = Get-BitLockerVolume -MountPoint $osDrive -ErrorAction Stop

    if ($null -eq $blv) {
        Write-Result -State 'UNKNOWN' -Reason 'Unable to read BitLocker state for the OS volume.' -Code 2
    }

    if ($blv.VolumeStatus -eq 'FullyDecrypted' -or $blv.ProtectionStatus -eq 'Off') {
        Write-Result -State 'PATCHED' -Reason 'BitLocker protection is not active on the OS volume; YellowKey BitLocker bypass is not applicable as configured.' -Code 0
    }

    $kpTypes = @()
    if ($blv.KeyProtector) {
        $kpTypes = $blv.KeyProtector | ForEach-Object { $_.KeyProtectorType }
    }

    if (-not $kpTypes -or $kpTypes.Count -eq 0) {
        Write-Result -State 'UNKNOWN' -Reason 'BitLocker is enabled but key protector types could not be determined.' -Code 2
    }

    $hasTpmOnly = $kpTypes -contains 'Tpm'
    $hasTpmPin = ($kpTypes -contains 'TpmPin') -or ($kpTypes -contains 'TpmAndPin')
    $hasTpmStartupKey = ($kpTypes -contains 'TpmStartupKey') -or ($kpTypes -contains 'TpmAndStartupKey')
    $hasTpmPinStartupKey = ($kpTypes -contains 'TpmPinStartupKey') -or ($kpTypes -contains 'TpmAndPinAndStartupKey')

    # Microsoft states TPM+PIN is not exploitable. Treat any stronger pre-boot auth than TPM-only as PATCHED/mitigated.

    if ($hasTpmPin -or $hasTpmStartupKey -or $hasTpmPinStartupKey) {
        Write-Result -State 'PATCHED' -Reason ('Affected OS, but BitLocker pre-boot auth is stronger than TPM-only. Key protectors: ' + ($kpTypes -join ', ')) -Code 0
    }

    if ($hasTpmOnly) {
        Write-Result -State 'VULNERABLE' -Reason ('Affected OS with TPM-only BitLocker protector on OS volume. Key protectors: ' + ($kpTypes -join ', ')) -Code 1
    }

    Write-Result -State 'UNKNOWN' -Reason ('Affected OS, BitLocker enabled, but protector mix is uncommon or could not be mapped cleanly. Key protectors: ' + ($kpTypes -join ', ')) -Code 2
}
catch {
    Write-Result -State 'UNKNOWN' -Reason $_.Exception.Message -Code 2
}
07 · Bottom Line

If you remember one thing.

TL;DR
Monday morning, do not treat YellowKey like a remote emergency, but also do not ignore it if you run a large mobile fleet. Use asset management and BitLocker telemetry to find Windows 11 24H2/25H2/26H1 x64 and Server 2025 systems using TPM-only protection, then prioritize traveling laptops and high-sensitivity users for TPM+PIN or Microsoft's interim WinRE hardening in your next normal change cycle; for a MEDIUM verdict there is no noisgate mitigation SLA — go straight to the 365-day remediation window. Track Microsoft's eventual security update and deploy it within the noisgate remediation SLA of 365 days, while handling lost/stolen-device-prone endpoints first because that is where the real business risk sits.

Sources

  1. NVD CVE-2026-45585
  2. Microsoft Security Update Guide entry
  3. Public YellowKey PoC repository
  4. Microsoft Learn - BitLocker overview
  5. Microsoft Learn - BitLocker countermeasures
  6. CISA Known Exploited Vulnerabilities Catalog
  7. NCSC advisory NCSC-2026-0165
Peer Review

What defenders are saying.

Submit a review attribution: handle + country only
0 flags selected · stored anonymously
Validation Results

Crowdsourced verification outputs.

Results submitted by users who ran the verification payload against their environment.