Trusted Platform Module

Winsage
June 26, 2026
Microsoft has extended its offer of extended security updates for consumer users of Windows 10 until October 12, 2027, following the official end of support for the operating system on October 14, 2025. Users can acquire an extra year of patches for a modest fee, while business users have the option for an additional three years of support until 2028. Approximately 30 percent of HP's customers and 26 percent of all Windows users are still operating on Windows 10, which translates to hundreds of millions of PCs globally. The minimum requirements for running Windows 11 include a Trusted Platform Module (TPM) 2.0, 4GB of RAM, and 64GB of storage.
Winsage
June 11, 2026
Microsoft has resolved an issue affecting certain Windows Server 2025 devices that were booting into BitLocker recovery mode after the April 2026 security update. This issue was linked to specific BitLocker Group Policy configurations and required users to input their BitLocker recovery key upon the first restart after the update. However, this key would only need to be entered once for subsequent restarts, provided the group policy configuration remained unchanged. The problem primarily affected enterprise systems rather than personal devices. The issue arose under specific conditions: BitLocker was enabled on the operating system drive, a particular Group Policy was set, the Secure Boot State PCR7 Binding was "Not Possible," the Windows UEFI CA 2023 certificate was present, and the device was not already using the 2023-signed Windows Boot Manager. Microsoft released fixes in the KB5094125 and KB5093998 updates to address this problem, preventing devices with incompatible group policy configurations from installing the 2023-signed Windows Boot Manager. Event ID 1032 in the System event log indicates the issue when Windows updates are installed. For IT administrators unable to deploy the latest updates, it is recommended to remove the Group Policy configuration before installing updates or to implement a Known Issue Rollback (KIR) on affected devices. Additionally, Microsoft had previously addressed similar BitLocker recovery issues in August 2024 and May 2025.
Winsage
May 15, 2026
Microsoft confirmed a BitLocker-related issue caused by the April 2026 Security Update (KB5083769) for Windows 11, which led some devices to boot into the BitLocker recovery screen. A fix has been released, but it is currently available only for Windows 11, version 25H2, with Windows 10 and Windows Server users awaiting a solution. Administrators are advised to remove the "Configure TPM platform validation profile for native UEFI firmware configurations" Group Policy setting before installing the April 2026 update. Additionally, a security researcher named Chaotic Eclipse has developed a zero-day exploit called YellowKey, which can bypass BitLocker security using a USB stick, affecting Windows Server 2022 and 2025 but not Windows 10.
Winsage
May 15, 2026
A zero-day exploit named YellowKey allows individuals with physical access to Windows 11 systems to bypass BitLocker encryption protections. Discovered by researcher Nightmare-Eclipse, this vulnerability enables unauthorized users to access encrypted drives quickly. The exploit involves transferring a custom FsTx folder to a USB drive, connecting it to a BitLocker-protected device, and entering recovery mode to gain command prompt access without needing a BitLocker recovery key. Esteemed researchers Kevin Beaumont and Will Dormann have confirmed the exploit's functionality, although the specific mechanism within the FsTx folder that enables the bypass is not fully understood.
Winsage
May 13, 2026
A cybersecurity researcher known as Chaotic Eclipse has released proof-of-concept exploits for two unpatched vulnerabilities in Microsoft Windows: YellowKey, a BitLocker bypass, and GreenPlasma, a privilege-escalation flaw. The YellowKey vulnerability affects Windows 11 and Windows Server 2022/2025, allowing unauthorized access to BitLocker-protected volumes by exploiting the Windows Recovery Environment. The exploit can be executed using specially crafted 'FsTx' files on a USB drive or directly on the EFI partition. Independent researcher Kevin Beaumont has validated the exploit, which can bypass BitLocker protections even in a Trusted Platform Module (TPM) environment. The GreenPlasma vulnerability allows unprivileged users to create arbitrary memory-section objects, potentially leading to privilege escalation. Chaotic Eclipse has expressed dissatisfaction with Microsoft's handling of bug reports, prompting the public disclosure of these vulnerabilities. Microsoft has stated its commitment to investigating security issues and updating affected devices.
Winsage
May 4, 2026
Windows holds a 93.47% share of users on Steam, but only 67.74% have upgraded to Windows 11 nearly five years after its launch, with 25.53% still using Windows 10. The adoption of Windows 11 has been hindered by the TPM 2.0 requirement and high hardware costs. Linux's share of Steam users decreased from 5% to 4.52%. Governments, including France, are considering alternatives to Windows.
Winsage
April 16, 2026
Microsoft announced that certain Windows Server 2025 devices may experience a BitLocker recovery prompt after installing the April 2026 KB5082063 Windows security update. The recovery mode will be triggered under specific conditions: BitLocker must be enabled on the operating system drive, the Group Policy for TPM validation must be configured with PCR7, the Secure Boot State PCR7 Binding must indicate "Not Possible," the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft stated that this issue is unlikely to affect personal devices, as the configurations are mainly found in enterprise-managed systems. They are working on a resolution and recommend administrators remove the Group Policy configuration before deploying the update. If removal is not possible, applying a Known Issue Rollback (KIR) is advised to prevent triggering the recovery prompt. Microsoft has previously addressed similar BitLocker recovery prompt issues in May 2025, August 2024, and August 2022.
Winsage
March 30, 2026
Microsoft Teams and OneDrive are integral to Windows 11, enhancing productivity and collaboration. To run Windows 11, a dedicated Trusted Platform Module (TPM) 2.0 chip is essential for security features like device attestation and secure key storage. TPM 2.0 enables seamless sign-ins via Windows Hello and ensures that only secure devices can access sensitive data in Teams and OneDrive. BitLocker, which also uses TPM 2.0, protects data on lost or stolen devices. Modern processors from Intel, AMD, and Qualcomm use hybrid architecture, optimizing performance by allocating specialized cores for demanding tasks and energy-efficient processes. This configuration improves video conferencing in Teams and file operations in OneDrive. NVMe SSDs are standard in Windows 11 PCs, providing low latency and high bandwidth that enhance responsiveness, boot times, and multitasking. Fast SSDs reduce wait times for file sharing in Teams. Many Windows 11 PCs are Copilot+ PCs, equipped with a Neural Processing Unit (NPU) that enhances on-device AI capabilities. The NPU improves real-time transcription in Teams and simplifies document searches in OneDrive. Modern GPUs manage animations and display settings in Windows 11, improving video call efficiency in Teams and enhancing thumbnail generation and video playback in OneDrive. The latest Wi-Fi standards, including Wi-Fi 6, Wi-Fi 6E, and Wi-Fi 7, provide enhanced security and reliability. They ensure low latency and high throughput for seamless video conferencing in Teams and faster uploads and downloads in OneDrive.
Search