Find notable cyber news and cases, enriched with sources, timelines, and signals.

Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)

Advisory/Mitigation
First reported
Last updated
Happening score
H score 32
1 unique sources, 2 articles

Summary

Hide ▲

Windows BitLocker YellowKey (CVE-2026-45585) moved from interim mitigation to patch status after Microsoft fixed it in June 2026 Patch Tuesday. The Windows Recovery Environment (WinRE) backdoor can let attackers with physical access bypass BitLocker on unpatched Windows 11 and Windows Server 2022/2025 systems, and Microsoft also shared mitigation measures while a public proof-of-concept exploit circulated.

Related Happenings

Microsoft Windows Server 2025 and Windows 11 23H2 BitLocker recovery fix

Security Patch Release
H score15 First: 11.06.2026 11:44 Last: 11.06.2026 11:44 Sources 1

About this happening: Microsoft shipped **KB5094125** for **Windows Server 2025** and **KB5093998** for **Windows 11 23H2** to fix a **BitLocker recovery** bug tied to the **April 2026 security update*...

Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)

Security Patch Release
H score40 First: 10.06.2026 12:57 Last: 10.06.2026 12:57 Sources 1

How related: On Tuesday, Microsoft fixed the GreenPlasma, MiniPlasma, and YellowKey security vulnerabilities as part of its June 2026 Patch Tuesday updates.

About this happening: **Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.

Microsoft Defender RoguePlanet race-condition zero-day remote code execution flaw

Vulnerability
H score39 First: 10.06.2026 02:11 Last: 10.06.2026 02:11 Sources 1

About this happening: Microsoft Defender zero-day RoguePlanet is a race-condition flaw affecting fully patched Windows 10 and Windows 11 systems. A public proof-of-concept exploit was released shortly...

Latest development: 10.06.2026 08:22

The anonymous security researcher Chaotic Eclipse, also known as Nightmare-Eclipse, released a proof-of-concept (PoC) exploit for the Microsoft Defender zero-day RoguePlanet under a new GitHub account named MSNightmare. The race-condition exploit can yield a SYSTEM-level shell and arbitrary code execution when it succeeds, has been tested on Windows 11 and Windows 10 with the June 2026 Patch Tuesday updates installed, and currently does not work on Windows Server without redesign because standard users cannot mount an ISO image.

Microsoft June 2026 Patch Tuesday record security update bundle

Security Patch Release
H score36 First: 10.06.2026 01:07 Last: 10.06.2026 01:07 Sources 1

About this happening: **Microsoft** released a **record Patch Tuesday bundle** for **June 2026** that patches **nearly 200 security holes** across **Windows operating systems and supported software**,...

Microsoft BitLocker recovery prompt workaround

Advisory/Mitigation
H score25 First: 09.06.2026 21:35 Last: 09.06.2026 21:35 Sources 1

About this happening: Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...

Timeline

  1. 10.06.2026 12:57 1 articles · 29d ago

    Microsoft patches YellowKey and shares mitigation measures

    Mitigation Patch Update

    On Tuesday, Microsoft fixed YellowKey (CVE-2026-45585) as part of its June 2026 Patch Tuesday updates and shared mitigation measures for the Windows Recovery Environment backdoor. The flaw affects unpatched Windows 11 and Windows Server 2022/2025 systems and can let attackers with physical access bypass BitLocker protection on targeted devices.

    Show sources
  2. 20.05.2026 10:31 2 articles · 1mo ago

    Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)

    Initial Disclosure

    Following public disclosure of **YellowKey** and a released **PoC exploit**, Microsoft assigned **CVE-2026-45585** and issued interim mitigations. The initial focus was preventing unauthorized access to **BitLocker-protected storage** until a security update could be delivered.

    Show sources