BitLocker

BitLocker is Microsoft's full-disk encryption feature, built into Windows since Vista and available across Pro, Enterprise, and Education editions. It encrypts the entire system volume using AES-128 or AES-256, with the encryption key protected by the device's Trusted Platform Module (TPM), a PIN, a USB key, or a combination. When functioning correctly, BitLocker renders a stolen or removed drive unreadable without the recovery key, and is widely deployed in enterprise environments as a baseline data-at-rest protection control. In the June 2026 Patch Tuesday cycle Microsoft patched two separate bypasses in a single release: YellowKey (CVE-2026-45585) and bitskrieg (CVE-2026-50507), an unusual double-hit on the same component.

BitLocker bypasses are serious because they defeat the primary protection against physical theft and supply-chain attacks: scenarios where full-disk encryption is the last line of defence rather than one layer among many. Earlier known bypasses, including a 2023 exploit abusing the TPM boot process, have shown that the attack surface is non-trivial; bypasses typically exploit the pre-boot authentication sequence or weaknesses in how the key is unsealed. The June 2026 pair arriving in a single cycle is notable. It suggests either parallel research threads converging on the component or a shared architectural weakness being probed from two angles.

For enterprise defenders, BitLocker's prevalence in standard Windows builds means a viable bypass is immediately relevant across the full Windows estate, not just specialist deployments. Patching is the only remediation; there is no configuration workaround for a bypass that defeats the encryption design.