Close Menu
Savannah HeraldSavannah Herald
    • Home
    • News
      • Local
      • State
      • National
      • World
      • HBCUs
    • Events
    • Directories
    • Weather
    • Traffic
    • Jobs
    • Sports
    • Politics
    • Lifestyle
      • Faith
      • Senior Living
      • Health
      • Travel
      • Beauty
      • Fashion
      • Food
      • Art & Literature
    • Business
      • Real Estate
      • Entertainment
      • Investing
      • Education
    • Guides
      • Summer Camp Guide
      • Juneteenth Guide
      • Black History Savannah
      • MLK Guide Savannah
    We're Social
    • Twitter
    • Facebook
    • YouTube

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Trending
    • The Source |CALIPAPI: WHEN THE COASTLINE BECOMES A KINGDOM
    • Charles and Diana, Lauren and Jeff Bezos: The Most Expensive Celebrity Weddings in History
    • HBCU Division II conferences TV free agents as media days loom
    • Today’s NYT Connections Hints, Answers for July 6 #1121
    • ESSENCE Festival of Culture 2026: Best Moments Recap
    • Feminist Center for Reproductive Liberation celebrates 50 years
    • BRDRS Founder On Building ‘Super App’ For Travelers Of Africa And The Caribbean
    • Direct Ireland-Barbados flight to launch through Aer Lingus
    Facebook X (Twitter) Instagram YouTube
    Login
    Savannah HeraldSavannah Herald
    Savannah HeraldSavannah Herald
    Home » Zero-day exploit completely defeats default Windows 11 BitLocker protections
    Tech

    Zero-day exploit completely defeats default Windows 11 BitLocker protections

    Savannah HeraldBy Savannah HeraldMay 17, 20263 Mins Read
    Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Tumblr Email
    A computer screen with red and blue warning signs.
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Tech Trends & Innovation: The Latest in Tech News

    Key takeaways
    • Exploit named YellowKey, published by alias Nightmare-Eclipse
    • Uses custom FsTx folder and fstx.dll, leveraging Transactional NTFS to trigger the bypass
    • Attack steps: copy FsTx to USB, boot and hold Ctrl to enter Windows Recovery, get full CMD.EXE access
    • Bypasses BitLocker recovery key; confirmed by researchers Kevin Beaumont and Will Dormann

    A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds.

    The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments.

    When one disk volume manipulates another

    The core of the YellowKey exploit is a custom-made FsTx folder. Online documentation of this folder is hard to find. As explained later, the directory associated with the file fstx.dll appears to involve what Microsoft calls the transactional NTFS, which allows developers to have “transactional atomicity” for file operations in transactions with a single file, multiple files, or ones that span multiple sources.

    The steps for carrying out the bypass are simple:

    1. Copy the custom FsTx folder from the Nightmare-Eclipse exploit page to an NTFS- or FAT-formatted USB drive
    2. Connect the USB drive to the BitLocker-protected device
    3. Boot up the device and immediately press and hold down the [Ctrl] key
    4. Enter Windows recovery

    There are at least two ways to accomplish the third step. One way is to boot into Windows, hold down the [Shift] key, click on the power icon, and click restart. Another is to power on the device and restart it as soon as Windows starts booting.

    In either case, a command (CMD.EXE) prompt appears. The prompt has full access to the entire drive contents, allowing an attacker to copy, modify, or delete them. In a normal Windows Recovery flow, the attacker would need to enter a BitLocker recovery key. Somehow, the YellowKey exploit bypasses this safeguard. Multiple researchers, including Kevin Beaumont and Will Dormann, have confirmed the exploit works as described here.

    It’s unclear what in the custom FsTx folder causes the bypass. Dormann said that it appears to be related to Transactional NTFS, which itself uses command-log file system under the hood. Dormann further noted that by looking at the Windows fstx.dll, one will see code that explicitly looks for \System Volume Information\FsTx in the FsTxFindSessions() function.”

    Read the full article from the original source


    Related Posts

    • How Can Subtle Language Shifts Unlock Student Potential?
    • Welcome To Plathville: Kim Plath Lands New Job Amid Rocky Divorce Drama In Season 7 — “It Is Hard Getting Back…”
    • HBCU News – Thousands of Historic HBCU Photos Go Digital Through Getty Images and Ancestry Collaboration
    • Special Called Board Meeting: Fair Dismissal Hearing March 20
    • Skinny Jeans : The Top Denim Trend of 2025 » coco bassey
    • Why New Year’s Day Brought Discomfort and Challenge for Black Enslaved Individuals
    • HBCU choirs earn national spotlight with new Stellar Awards category
    • Blizzard confirms the Diablo 4 season 10 changes that’ll be permanent, and thank Inarius, getting rid of boss invulnerability phases is one of them
    AI and Machine Learning artificial intelligence Consumer Electronics Cybersecurity Updates Data Privacy Digital Trends Enterprise Technology Future of Work Gadget Reviews Green Tech Mobile Tech Robotics News Science and Technology Silicon Valley News Software Development Startups and Tech Tech Industry Insights Tech Innovation Tech Policy Technology News
    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Tumblr Email
    Savannah Herald
    • Website

    Related Posts

    Tech July 5, 2026

    Today’s NYT Connections Hints, Answers for July 6 #1121

    Tech July 4, 2026

    Submit Your Questions: Inside The World of Online Romance Scams

    Tech July 4, 2026

    Block ads & more on 9 devices for life — AdGuard’s Family Plan is a one-time $28 through 7/5

    Tech July 4, 2026

    8 Technical Leadership Tips for Managers & Execs

    Tech July 3, 2026

    Taylor Swift wedding guest list: Here’s everyone definitely not on it

    Tech July 3, 2026

    FAA proposal: Supersonic airliners can fly over US cities if they’re quiet

    Comments are closed.

    Don't Miss
    World January 3, 2026By Savannah Herald02 Mins Read

    2025 General Election: Same 16–1 Result as 1997, Very Different National Message | THE STAR

    January 3, 2026

    Global Black Voices: News from around the World The recently concluded General Election, which delivered…

    Bringing Your Values Into the Interview: The Real V.I.S.A.™ at Work — The HBCU Career Center

    April 19, 2026

    In the Pipeline: LCS Plans $82M Expansion in North Carolina; Benchmark, National Development Announces New York Project

    July 3, 2026

    The #1 Hair Growth Mistake Most Black Women Make

    September 10, 2025

    How Anh Co Tran Styled Rei Ami’s Pre-Oscars Hair

    April 24, 2026
    Archives
    • July 2026
    • June 2026
    • May 2026
    • April 2026
    • March 2026
    • February 2026
    • January 2026
    • December 2025
    • November 2025
    • October 2025
    • September 2025
    • August 2025
    • July 2025
    • June 2025
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    Categories
    • Art & Literature
    • Beauty
    • Black History
    • Business
    • Climate
    • Culture
    • Education
    • Employment
    • Entertainment
    • Faith
    • Fashion
    • Food
    • Gaming
    • Georgia Politics
    • HBCUs
    • Health
    • Health Inspections
    • Investing
    • Lifestyle
    • Local
    • Lowcountry News
    • National
    • National Opinion
    • News
    • Politics
    • Real Estate
    • Senior Living
    • Sports
    • State
    • Tech
    • Traffic
    • Transportation
    • Travel
    • World
    Savannah Herald Newsletter

    Subscribe to Updates

    A round up interesting pic’s, post and articles in the C-Port and around the world.

    About Us
    About Us

    The Savannah Herald is your trusted source for the pulse of Coastal Georgia and the Low County of South Carolina. We're committed to delivering timely news that resonates with the African American community.

    From local politics to business developments, we're here to keep you informed and engaged. Our mission is to amplify the voices and stories that matter, shining a light on our collective experiences and achievements.
    We cover:
    🏛️ Politics
    💼 Business
    🎭 Entertainment
    🏀 Sports
    🩺 Health
    💻 Technology
    Savannah Herald: Savannah's Black Voice 💪🏾

    Our Picks

    Biscoff Cheesecake Dish|Guy That Cookz

    September 5, 2025

    Finalists for SCCPSS Teacher and Instructional Support Person of the Year Named

    November 4, 2025

    Atmus Filtration Technologies Names Kevin Carpenter Senior Vice President & Chief Supply Chain Officer

    May 13, 2026

    New Skills to Navigate Continuous Change

    June 9, 2026

    Holidays are Happy, Bittersweet Memory-Filled Moments – NormaZager.com

    July 4, 2026
    Categories
    • Art & Literature
    • Beauty
    • Black History
    • Business
    • Climate
    • Culture
    • Education
    • Employment
    • Entertainment
    • Faith
    • Fashion
    • Food
    • Gaming
    • Georgia Politics
    • HBCUs
    • Health
    • Health Inspections
    • Investing
    • Lifestyle
    • Local
    • Lowcountry News
    • National
    • National Opinion
    • News
    • Politics
    • Real Estate
    • Senior Living
    • Sports
    • State
    • Tech
    • Traffic
    • Transportation
    • Travel
    • World
    Copyright © 2002-2026 Savannahherald.com All Rights Reserved. A Veteran-Owned Business

    Type above and press Enter to search. Press Esc to cancel.

    Manage Consent
    To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    • Manage options
    • Manage services
    • Manage {vendor_count} vendors
    • Read more about these purposes
    View preferences
    • {title}
    • {title}
    • {title}
    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.

    Sign In or Register

    Welcome Back!

    Login below or Register Now.

    Lost password?

    Register Now!

    Already registered? Login.

    A password will be e-mailed to you.