{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreic2mre74lpyfourmccr7fzajr4tdmwcsdpehwgw7sybjsvgpbq2vu",
    "uri": "at://did:plc:kyxdufbi5qaljy7bxivztuhy/app.bsky.feed.post/3mm67cbi3lke2"
  },
  "path": "/blog/archives/2026/05/zero-day-exploit-against-windows-bitlocker.html",
  "publishedAt": "2026-05-18T11:08:13.000Z",
  "site": "https://www.schneier.com",
  "tags": [
    "Uncategorized",
    "BitLocker",
    "exploits",
    "Windows",
    "zero-day",
    "nasty",
    "published"
  ],
  "textContent": "It’s nasty, but it requires physical access to the computer:\n\n> The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments...",
  "title": "Zero-Day Exploit Against Windows BitLocker"
}