You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
msrc disclosure
About this tag
The msrc disclosure tag covers Microsoft Security Response Center (MSRC) disclosures of vulnerabilities affecting Windows and related products. Recent content includes analysis of CVE-2026-45585, a publicly disclosed BitLocker bypass known as YellowKey, which exploits Windows Recovery Environment behavior under physical access conditions. Discussions focus on the tension between recovery functionality, TPM trust, and enterprise convenience. The tag aggregates threads where MSRC has issued guidance or confirmed vulnerabilities, helping readers track official disclosures and understand their real-world implications for Windows security.
Microsoft has issued temporary mitigation guidance for YellowKey, a publicly disclosed BitLocker security-feature bypass tracked as CVE-2026-45585, after a researcher demonstrated that some Windows 11 and Windows Server systems could expose encrypted drives through Windows Recovery Environment...