Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Windows BitLocker YellowKey (CVE-2026-45585) moved from interim mitigation to patch status after Microsoft fixed it in June 2026 Patch Tuesday. The Windows Recovery Environment (WinRE) backdoor can let attackers with physical access bypass BitLocker on unpatched Windows 11 and Windows Server 2022/2025 systems, and Microsoft also shared mitigation measures while a public proof-of-concept exploit circulated.
Related Happenings
Microsoft Windows Server 2025 and Windows 11 23H2 BitLocker recovery fix
Security Patch Release
H score15
First: 11.06.2026 11:44
Last: 11.06.2026 11:44
Sources 1
About this happening:
Microsoft shipped **KB5094125** for **Windows Server 2025** and **KB5093998** for **Windows 11 23H2** to fix a **BitLocker recovery** bug tied to the **April 2026 security update*...
Microsoft Windows Server 2025 and Windows 11 23H2 BitLocker recovery fix
Security Patch ReleaseAbout this happening: Microsoft shipped **KB5094125** for **Windows Server 2025** and **KB5093998** for **Windows 11 23H2** to fix a **BitLocker recovery** bug tied to the **April 2026 security update*...
Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)
Security Patch Release
H score40
First: 10.06.2026 12:57
Last: 10.06.2026 12:57
Sources 1
How related:
On Tuesday, Microsoft fixed the GreenPlasma, MiniPlasma, and YellowKey security vulnerabilities as part of its June 2026 Patch Tuesday updates.
About this happening:
**Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.
Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)
Security Patch ReleaseHow related: On Tuesday, Microsoft fixed the GreenPlasma, MiniPlasma, and YellowKey security vulnerabilities as part of its June 2026 Patch Tuesday updates.
About this happening: **Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.
Microsoft Defender RoguePlanet race-condition zero-day remote code execution flaw
Vulnerability
H score39
First: 10.06.2026 02:11
Last: 10.06.2026 02:11
Sources 1
About this happening:
Microsoft Defender zero-day RoguePlanet is a race-condition flaw affecting fully patched Windows 10 and Windows 11 systems. A public proof-of-concept exploit was released shortly...
Microsoft Defender RoguePlanet race-condition zero-day remote code execution flaw
VulnerabilityAbout this happening: Microsoft Defender zero-day RoguePlanet is a race-condition flaw affecting fully patched Windows 10 and Windows 11 systems. A public proof-of-concept exploit was released shortly...
Latest development: 10.06.2026 08:22
The anonymous security researcher Chaotic Eclipse, also known as Nightmare-Eclipse, released a proof-of-concept (PoC) exploit for the Microsoft Defender zero-day RoguePlanet under a new GitHub account named MSNightmare. The race-condition exploit can yield a SYSTEM-level shell and arbitrary code execution when it succeeds, has been tested on Windows 11 and Windows 10 with the June 2026 Patch Tuesday updates installed, and currently does not work on Windows Server without redesign because standard users cannot mount an ISO image.
Microsoft June 2026 Patch Tuesday record security update bundle
Security Patch Release
H score36
First: 10.06.2026 01:07
Last: 10.06.2026 01:07
Sources 1
About this happening:
**Microsoft** released a **record Patch Tuesday bundle** for **June 2026** that patches **nearly 200 security holes** across **Windows operating systems and supported software**,...
Microsoft June 2026 Patch Tuesday record security update bundle
Security Patch ReleaseAbout this happening: **Microsoft** released a **record Patch Tuesday bundle** for **June 2026** that patches **nearly 200 security holes** across **Windows operating systems and supported software**,...
Microsoft BitLocker recovery prompt workaround
Advisory/Mitigation
H score25
First: 09.06.2026 21:35
Last: 09.06.2026 21:35
Sources 1
About this happening:
Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...
Microsoft BitLocker recovery prompt workaround
Advisory/MitigationAbout this happening: Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...
Timeline
-
10.06.2026 12:57 1 articles · 29d ago
Microsoft patches YellowKey and shares mitigation measures
Mitigation Patch UpdateOn Tuesday, Microsoft fixed YellowKey (CVE-2026-45585) as part of its June 2026 Patch Tuesday updates and shared mitigation measures for the Windows Recovery Environment backdoor. The flaw affects unpatched Windows 11 and Windows Server 2022/2025 systems and can let attackers with physical access bypass BitLocker protection on targeted devices.
Show sources
- Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days — www.bleepingcomputer.com — 10.06.2026 12:57
-
20.05.2026 10:31 2 articles · 1mo ago
Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)
Initial DisclosureFollowing public disclosure of **YellowKey** and a released **PoC exploit**, Microsoft assigned **CVE-2026-45585** and issued interim mitigations. The initial focus was preventing unauthorized access to **BitLocker-protected storage** until a security update could be delivered.
Show sources
- Microsoft shares mitigation for YellowKey Windows zero-day — www.bleepingcomputer.com — 20.05.2026 10:31
- Microsoft shares mitigation for YellowKey Windows zero-day — www.bleepingcomputer.com — 20.05.2026 10:31