A USB stick now opens a BitLocker drive in 60 seconds. The researcher calls it a backdoor.
A pseudonymous researcher dropped two unpatched Windows zero-days on May 12. YellowKey bypasses BitLocker via WinRE; Microsoft has not acknowledged either bug.
A researcher using the alias Nightmare-Eclipse (also “Chaotic Eclipse”) dropped two unpatched Windows zero-days on GitHub yesterday. The first, YellowKey, bypasses BitLocker drive encryption on Windows 11 and Windows Server 2022 and 2025. It needs physical access and a USB stick. That’s it.
The second, GreenPlasma, is an unrelated local privilege-escalation chain. The same person published both with full proof-of-concept code, no embargo, and a README that accuses Microsoft of leaving an intentional backdoor in the Windows Recovery Environment. Microsoft has not assigned a CVE to either issue or shipped a patch. As of May 14, the company’s only public response is the same boilerplate it sends every coordinated-disclosure dispute: “Microsoft has a customer commitment to investigate reported security issues and update impacted devices to protect customers as soon as possible.”
How YellowKey works
BitLocker’s TPM-only mode is the default on every Microsoft-managed Windows 11 install since 2024. The TPM releases the volume key to the OS when the boot environment hashes match a known good measurement. WinRE, the recovery image that ships on every PC’s hidden partition, is one of those measured boot environments. The TPM trusts it.
YellowKey abuses that trust by smuggling a single directory into WinRE’s startup path. The exploit copies a folder called FsTx from inside a fabricated System Volume Information tree onto a USB drive, then reboots the target into WinRE with the stick inserted. WinRE’s setup code reads the folder, fails to find an ini file, and falls back to a hardcoded cmd.exe spawn. The TPM has already unsealed the BitLocker volume key by then, so the resulting shell sees the encrypted disk as plain NTFS. No password prompt, no recovery key, no BitLocker dialog.
The Register confirmed the exploit works against TPM-only configurations. PIN-protected installs are not yet shown to be vulnerable, but the researcher hasn’t said whether the underlying WinRE flaw extends to them. Most consumer machines and a meaningful share of enterprise fleets run TPM-only.
Why the researcher calls it a backdoor
The README on the YellowKey repo points at a specific oddity. The component responsible for the fallback shell, the writeup claims, exists only inside the WinRE image. A binary with the same name ships in regular Windows installs but does not include the trigger. Two builds of the same component, one with a shell-spawn path that no normal recovery flow seems to want, and one without it.
The researcher’s framing is blunt: “I just never managed to understand why this vulnerability is sooo well hidden.” They believe Microsoft engineered the WinRE shortcut on purpose. Neither Microsoft nor any external analyst has corroborated the backdoor claim. It is also possible the divergence is debugging code that survived a release branch. Both explanations are consistent with the binary diff; the researcher’s interpretation is not consensus.
What is consensus: this is the third time in 18 months the same disclosure account has dropped working Microsoft exploits with no advance notice. iTnews traced the pattern to two prior incidents, both linked to disputes over MSRC’s handling of earlier submissions.
What you can do today
There is no patch. Microsoft’s standard BitLocker mitigations still apply and they’re worth turning on:
- Switch to TPM+PIN, not TPM-only. This adds a pre-boot prompt the WinRE path can’t satisfy and is the recommendation security teams have been giving for a decade anyway.
- Disable WinRE access from BitLocker-protected volumes via manage-bde -protectors -disable C: (only as a temporary measure during a sensitive trip; re-enable after).
- Set the BitLocker Group Policy that requires a startup PIN for fixed drives in your fleet. It is documented under “Configure use of passwords for operating system drives” in gpedit.msc.
- Track Microsoft’s Patch Tuesday announcement on June 10. Given the public PoC and the press cycle, an out-of-band fix before then is more likely than not.
If you support a fleet of corporate laptops that travel, assume someone is going to test this on a hotel-room machine within the week.
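As an added example (not code from the article or from the researcher’s repository), the PowerShell audit below flags operating-system volumes whose only TPM-based protector is the bare TPM, i.e. the TPM-only configuration the article says YellowKey defeats, and reports whether WinRE is enabled on the machine. It relies only on the built-in BitLocker module and reagentc.exe; the function names and the “exposed” label are my own, and it assumes an elevated prompt on Windows 10/11 Pro/Enterprise or Server.

```powershell
# Added audit example: find BitLocker OS volumes that rely on the TPM alone
# (no pre-boot PIN, startup key or password) and report WinRE status.
# Requires an elevated PowerShell session and the BitLocker module.

# Protector types that add a pre-boot secret the automatic TPM unseal cannot supply.
$PreBootSecretTypes = @('TpmPin', 'TpmPinStartupKey', 'TpmStartupKey', 'Password')

function Get-BitLockerExposure {
    [CmdletBinding()]
    param()

    foreach ($vol in Get-BitLockerVolume) {
        $types      = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })
        $hasTpmOnly = $types -contains 'Tpm'
        $hasPreBoot = @($types | Where-Object { $PreBootSecretTypes -contains $_ }).Count -gt 0

        # "TpmOnlyExposed" (my label): an OS volume with protection on whose TPM
        # protector needs no user secret at boot, the case the article warns about.
        $exposed = ($vol.VolumeType -eq 'OperatingSystem') -and
                   ($vol.ProtectionStatus -eq 'On') -and
                   $hasTpmOnly -and (-not $hasPreBoot)

        [PSCustomObject]@{
            ComputerName     = $env:COMPUTERNAME
            MountPoint       = $vol.MountPoint
            VolumeType       = $vol.VolumeType
            ProtectionStatus = $vol.ProtectionStatus
            Protectors       = ($types -join ',')
            TpmOnlyExposed   = $exposed
        }
    }
}

# WinRE status via the built-in reagentc tool; "Enabled" means the recovery
# image the article describes is reachable from this machine's boot menu.
function Get-WinReStatus {
    $line = (& reagentc.exe /info 2>$null) | Where-Object { $_ -match 'Windows RE status' }
    if ($line -match ':\s*(\w+)') { return $Matches[1] }
    return 'Unknown'
}

Get-BitLockerExposure | Format-Table -AutoSize
"WinRE status: $(Get-WinReStatus)"
```

Run it through Invoke-Command across a fleet and filter on TpmOnlyExposed to build the list of machines that need the TPM+PIN change first.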
What this means for you
BitLocker’s whole pitch is that a stolen laptop is a paperweight. With YellowKey live and no patch, TPM-only configurations no longer hold that line; an attacker with five minutes of physical access and a USB stick gets full filesystem read, including saved browser passwords, OAuth tokens, and any unencrypted document. If you run a TPM-only deployment in 2026, treat it the way you’d treat an unencrypted disk this week. The next Patch Tuesday is the one to watch; if Microsoft ships an out-of-band update before then, that is the company quietly admitting the researcher’s “backdoor” framing landed harder than the boilerplate response suggests.
Sources
- Windows BitLocker zero-day gives access to protected drives, PoC released — BleepingComputer
- Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — Tom's Hardware
- Disgruntled researcher releases two more Microsoft zero-days — The Register
- USB stick opens Windows BitLocker drives in new zero-day — iTnews