boot recovery Archives

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Winsage

July 25, 2025

Microsoft claims Windows 11 24H2 is the ‘most reliable version of Windows yet’ – but there are PC gamers out there who disagree

Microsoft claims that Windows 11 24H2 has a 24% reduction in unexpected crashes compared to version 22H2. The update improves the Blue Screen of Death (BSoD) experience, reducing the time users spend on the BSoD screen from 40 seconds to 2 seconds. It also introduces a feature called Quick Machine Recovery (QMR) to help users recover from boot failures. Despite these advancements, some users have reported bugs and glitches, leading to skepticism about the reliability of the new version.