TPM Archives

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Winsage

May 20, 2026

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has addressed the YellowKey vulnerability, a zero-day flaw in Windows BitLocker identified as CVE-2026-45585. This vulnerability allows unauthorized access to BitLocker-protected drives through a specific exploitation process involving 'FsTx' files. The flaw was disclosed by an anonymous researcher known as 'Nightmare Eclipse.' Microsoft has released mitigation strategies, including removing the autofstx.exe entry from the Session Manager's BootExecute REGMULTISZ value and reestablishing BitLocker trust for WinRE. Additionally, users are advised to change BitLocker settings from "TPM-only" to "TPM+PIN" mode, requiring a pre-boot PIN for drive decryption, and to enable "Require additional authentication at startup" for unencrypted devices.

Winsage

May 20, 2026

Did you know you can get Microsoft Office and Windows 11 Pro for life for only $26

Lifetime licenses for Windows 11 Pro and Microsoft Office Plus 2019 are available for .99, reduced from the regular price of 9.99. The Office 2019 Professional Plus suite includes Word, Excel, PowerPoint, Outlook, OneNote, Publisher, and Access, designed for installation on a single Windows PC and allowing offline use without ongoing payments. Windows 11 Pro features enhanced snap layouts, virtual desktops, robust security with BitLocker encryption, TPM 2.0, Windows Hello, Smart App Control, Hyper-V for virtual machines, and Windows Sandbox for secure testing. Both licenses are permanent, device-linked, and verified through Microsoft’s partner program.

Winsage

May 20, 2026

You Can Get Windows 11 Pro on Sale for A$13 Right Now

Windows 11 Pro is currently available for a reduced price of A, down from A8. It includes features such as Windows Copilot, remote desktop access, TPM 2.0, Smart App Control, biometric login, BitLocker encryption, Azure Active Directory integration, Hyper-V, and Windows Sandbox. Minimum system requirements are a 1GHz processor, 4GB of RAM, and 64GB of hard disk space. The offer is provided by a trusted Microsoft partner and may change soon.

Winsage

May 18, 2026

Why Your Windows 11 PC Doesn’t Get AI Features

Several hundred million Windows 11 users are experiencing frustrations due to the absence of Microsoft features like Recall and Cocreator, which are only available on Copilot+ PCs. Microsoft has divided Windows 11 into two tiers, with the latest AI functionalities requiring specific hardware known as Copilot+ PC. To qualify, a device must have: - An NPU capable of at least 40 TOPS - A minimum of 16 GB of RAM (DDR5 or LPDDR5) - At least 256 GB of SSD storage - Windows 11 version 24H2 or newer - A processor from specific families: Qualcomm Snapdragon X series, Intel Core Ultra 200V (Lunar Lake), or AMD Ryzen AI 300 series Many PCs lack these features due to missing NPUs, insufficient TOPS ratings, unsupported processor generations, outdated Windows versions, rollout delays, or regional limits. Features locked behind Copilot+ include Recall, Click to Do, Cocreator in Paint, Windows Studio Effects, Live Captions with Translation, Improved Windows Search, and Auto Super Resolution. To check for Copilot+ compatibility, users can verify the presence of an NPU in Task Manager, ensure they have Windows 11 version 24H2 or newer, and confirm their processor against the approved list. While some workarounds exist to enable features on unsupported PCs, they are often unstable and not recommended for primary use. Most users may not need to upgrade their laptops unless they require on-device AI features or their current device is significantly outdated. The AI feature gap is not currently critical for most users, as many features are optional or not essential.

Winsage

May 17, 2026

New Windows ‘MiniPlasma’ zero-day exploit gives SYSTEM access, PoC released

A cybersecurity researcher, known as Chaotic Eclipse, has released a proof-of-concept exploit for a Windows privilege escalation zero-day vulnerability called "MiniPlasma," which allows attackers to gain SYSTEM privileges on fully patched Windows systems. The vulnerability affects the cldflt.sys Cloud Filter driver and was reported by Google Project Zero in September 2020, assigned the identifier CVE-2020-17103, and claimed to be resolved by Microsoft in December 2020. However, Chaotic Eclipse asserts that the vulnerability remains unpatched. Testing confirmed that the exploit works on Windows 11 Pro, enabling command prompt access with SYSTEM privileges from a standard user account. Will Dormann, a vulnerability analyst, verified the exploit's effectiveness but noted it did not work in the latest Windows 11 Insider Preview Canary build. The exploit leverages the undocumented CfAbortHydration API to manage registry key creation improperly. Chaotic Eclipse has previously disclosed other Windows zero-day vulnerabilities and claims their actions are a protest against Microsoft's handling of vulnerabilities.

Winsage

May 17, 2026

Switcher 2026: Privacy, Security, and What Really Matters ⭐

Windows 11 offers potential for users seeking to minimize Microsoft's influence and restore a sense of nostalgia for earlier versions. Tools like Tiny11 Builder and Win11Debloat can facilitate significant modifications to Windows 11 installations. The video by "The Internet Privacy Guy" suggests that the only safe way to use Windows 11 is by eliminating the Microsoft account (MSA), which raises concerns about conflating privacy with security. Signing in with an MSA is actually the most secure method for using Windows 11, despite privacy implications such as telemetry collection. Users can opt for local accounts, but this requires diligence in securing their PCs, as local accounts can expose personal data without proper encryption. Users can also configure Windows 11 to resemble earlier versions by removing certain Microsoft services.

Winsage

May 17, 2026

Switch to Windows 11 Pro for $10 and get serious security, speed, and focus tools

Microsoft Windows 11 Pro is available for a limited time at a promotional price of .97, reduced from the standard retail price of 9, until May 31. The operating system features a redesigned interface for enhanced user experience, including snap layouts, virtual desktops, and rapid search tools. It offers robust security with features like BitLocker encryption, Windows Hello biometric login, and TPM 2.0 compatibility. Additionally, it includes Windows AI Copilot for task automation and idea brainstorming, making it beneficial for various users such as developers and small business owners.

Winsage

May 17, 2026

I got tired of hunting through Windows for every setting, so I built my own control center

The utility created simplifies Windows management by consolidating various settings and diagnostics into a single interface. It provides an overview of system metrics such as DNS latency, system uptime, and temporary file accumulation. The application includes dedicated pages for health checks, network insights, services, scheduled tasks, drives, drivers, power plans, gaming toggles, privacy settings, and taskbar configuration. Each diagnostic is executed through PowerShell scripts, with results displayed in a user-friendly format. The utility maintains transparency by creating .reg backups before modifying the registry and allows users to revert changes easily. It is open-source, lightweight, and designed for personal use rather than debloating. The program's structure enables users to inspect and modify scripts, ensuring clarity and control over system adjustments.

Winsage

May 16, 2026

I got tired of hunting through Windows for every setting, so I built my own control center

The utility developed streamlines access to Windows diagnostics and tweaks, consolidating functionalities typically spread across various settings panels into a single interface. It features an overview page with key system metrics and organized sections for health checks, network details, services, scheduled tasks, drives, drivers, power plans, gaming settings, privacy options, and taskbar adjustments. Each diagnostic is executed via PowerShell scripts that output JSON data for display. The application ensures transparency in registry changes by creating .reg backups before modifications and allows users to revert changes easily. It focuses on practical tweaks rather than debloating, maintaining a lightweight design without extensive features. The tool is open source and available on GitHub.