> TritonInfoSec News
Home / May 21, 2026 / Story
0
#4 The Hacker News general May 20, 2026 at 08:28 UTC

Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

By [email protected] (The Hacker News)

AI Summary

Microsoft released mitigations for CVE-2026-45585, a Windows BitLocker security feature bypass zero-day dubbed 'YellowKey' with a CVSS score of 6.8, following its public disclosure. The mitigation blocks the FsTx Auto Recovery Utility from launching within the WinRE image. This is part of a continuing wave of Windows zero-days — including GreenPlasma and MiniPlasma — disclosed by a single researcher over six weeks post-Patch Tuesday.

Read full article → https://thehackernews.com/2026/05/microsoft-releas…

Relevance score: 85.0/100

# More from May 21

  1. 1
    GitHub confirms breach of 3,800 repos via malicious VSCode extension BleepingComputer
  2. 2
    Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks The Hacker News
  3. 3
    Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs The Record
  4. 5
    CISA Exposes Secrets, Credentials in 'Private' Repo Dark Reading
  5. 6
    Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches CyberScoop
  6. 7
    7-Eleven confirms data breach claimed by the ShinyHunters gang BleepingComputer
  7. 8
    Grafana breach caused by missed token rotation after TanStack attack BleepingComputer
  8. 9
    Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack SecurityWeek
  9. 10
    Microsoft Self-Service Password Reset abused in Azure data theft attacks BleepingComputer