Microsoft BitLocker hardware-accelerated rollout in Windows 11
Security Tool/Service
Summary
Hide ▲
Show ▼
Microsoft is rolling out hardware-accelerated BitLocker in Windows 11, improving encryption performance and key protection on supported devices. The new mode offloads cryptographic work to SoC hardware with HSMs and TEEs, and on supported NVMe systems it defaults to XTS-AES-256. Microsoft says the change reduces CPU overhead substantially, with tests showing about 70% fewer CPU cycles per I/O than software BitLocker. The rollout begins with Windows 11 24H2 after September updates and extends to Windows 11 25H2, starting on Intel vPro systems with Intel Core Ultra Series 3 (“Panther Lake”) processors.
Related Happenings
Microsoft Quantum Safe Program PQC transition
Advisory/Mitigation
H score25
First: 01.07.2026 00:20
Last: 01.07.2026 00:20
Sources 1
About this happening:
**Microsoft** is **accelerating** its **Quantum Safe Program** to move **critical products and services** to **post-quantum cryptography (PQC)** by **2029**, tightening the organi...
Microsoft Quantum Safe Program PQC transition
Advisory/MitigationAbout this happening: **Microsoft** is **accelerating** its **Quantum Safe Program** to move **critical products and services** to **post-quantum cryptography (PQC)** by **2029**, tightening the organi...
Microsoft BitLocker recovery prompt workaround
Advisory/Mitigation
H score25
First: 09.06.2026 21:35
Last: 09.06.2026 21:35
Sources 1
About this happening:
Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...
Microsoft BitLocker recovery prompt workaround
Advisory/MitigationAbout this happening: Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...
Windows 11 BitLocker bypass YellowKey security flaw
Vulnerability
H score7
First: 14.05.2026 10:27
Last: 14.05.2026 10:27
Sources 1
About this happening:
**YellowKey** is a **Windows BitLocker security feature bypass** tracked as **CVE-2026-45585** that affects the **Windows Recovery Environment (WinRE)** path and can expose **BitL...
Windows 11 BitLocker bypass YellowKey security flaw
VulnerabilityAbout this happening: **YellowKey** is a **Windows BitLocker security feature bypass** tracked as **CVE-2026-45585** that affects the **Windows Recovery Environment (WinRE)** path and can expose **BitL...
Latest development: 20.05.2026 10:31
Microsoft assigned CVE-2026-45585 to YellowKey, a Windows BitLocker security feature bypass, and recommended removing autofstx.exe from the Session Manager BootExecute REG_MULTI_SZ value, reestablishing BitLocker trust for WinRE, and moving already encrypted devices from TPM-only to TPM+PIN to require a pre-boot PIN.
Windows 11 25H2 BitLocker recovery fix (KB5089549)
Security Patch Release
H score15
First: 13.05.2026 18:42
Last: 13.05.2026 18:42
Sources 1
About this happening:
Microsoft shipped **KB5089549** for **Windows 11 25H2** to fix a **BitLocker Recovery** problem that could trap devices after the **April 2026 security updates**. The issue involv...
Windows 11 25H2 BitLocker recovery fix (KB5089549)
Security Patch ReleaseAbout this happening: Microsoft shipped **KB5089549** for **Windows 11 25H2** to fix a **BitLocker Recovery** problem that could trap devices after the **April 2026 security updates**. The issue involv...
Microsoft May 2026 Patch Tuesday release
Security Patch Release
H score44
First: 13.05.2026 13:36
Last: 13.05.2026 13:36
Sources 1
About this happening:
Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Microsoft May 2026 Patch Tuesday release
Security Patch ReleaseAbout this happening: Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...
Latest development: 01.06.2026 15:30
Belgium's Centre for Cybersecurity warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild after Microsoft patched the stack-based buffer overflow during the May 2026 Patch Tuesday. The flaw affects all currently supported Windows Server versions, including Windows Server 2025, and can let an unauthenticated attacker gain remote code execution on targeted domain controllers.
Timeline
-
23.12.2025 22:03 2 articles · 6mo ago
Microsoft rolls out hardware-accelerated BitLocker for Windows 11
Initial DisclosureMicrosoft is rolling out hardware-accelerated BitLocker in Windows 11 for supported devices with NVMe drives and crypto offload capable SoCs, using XTS-AES-256 by default and offloading bulk cryptographic operations to hardware security modules and trusted execution environments to reduce CPU use and improve security. Initial support starts with Windows 11 24H2 after September updates and Windows 11 25H2, beginning on Intel vPro systems with Intel Core Ultra Series 3 (“Panther Lake”) processors, while unsupported algorithms, manual key sizes, certain enterprise policies, and some FIPS configurations remain on software-based BitLocker.
Show sources
- Microsoft rolls out hardware-accelerated BitLocker in Windows 11 — www.bleepingcomputer.com — 23.12.2025 22:03
- Microsoft rolls out hardware-accelerated BitLocker in Windows 11 — www.bleepingcomputer.com — 23.12.2025 22:03