Author Topic: Major Bitlocker Fail - YellowKey  (Read 813 times)


Offline voltsandjoltsTopic starter

  • Supporter
  • ****
  • Posts: 3518
  • Country: gb
Major Bitlocker Fail - YellowKey
« on: May 13, 2026, 08:37:55 pm »
Just a heads-up that your BitLocker-encrypted drives can apparently be accessed without keys.
Don't get your laptops stolen till this one is fixed. If it's already stolen, you're screwed.

https://www.theregister.com/security/2026/05/13/disgruntled-researcher-releases-two-more-microsoft-zero-days/5239758
 

Offline twospoons

  • Frequent Contributor
  • **
  • Posts: 316
  • Country: nz
Re: Major Bitlocker Fail - YellowKey
« Reply #1 on: May 13, 2026, 11:53:40 pm »
Would have been useful when a Windows update triggered the BitLocker key request a couple of months ago. Naturally no-one knew what the BitLocker keys were for our company laptops.
It's probably meant as a backdoor for the NSA.
 

Offline golden_labels

  • Super Contributor
  • ***
  • Posts: 2301
  • Country: pl
Re: Major Bitlocker Fail - YellowKey
« Reply #2 on: May 14, 2026, 02:02:18 am »
Until more details and independent reviews are available, I remain cautious with opinions.

There is some gaping hole in the description. Which BitLocker modes are affected? Author’s reasoning about it being a backdoor is incompatible with how disk encryption software works.

I don’t use Windows, but I do vaguely recall BitLocker had a pseudo-protection mode in which no key had to be supplied by the user. Quickly skimming through Wikipedia supports that memory. If this is the mode affected, then I have no more questions, but I also don’t consider the finding of huge relevance. It doesn’t circumvent any actual security.

But if that affects keyed modes, something doesn’t add up. It’s not possible to backdoor encryption this way. Unless Microsoft stored the encryption key twice (e.g. two key slots), only one protected by the user secret. That would unmistakably be a backdoor. But this is not in agreement with how YellowKey’s author describes it. It would also be strange if nobody noticed this situation earlier. We already have free tools to access BitLocker volumes: I can’t imagine the developers would miss something so obvious.

The third option is that it only allows accessing the OS without breaching data security. But again, author’s own description suggests protected data access.
Why 📎 | We live in times when half of people have IQ below 100.
 

Offline voltsandjoltsTopic starter

  • Supporter
  • ****
  • Posts: 3518
  • Country: gb
Re: Major Bitlocker Fail - YellowKey
« Reply #3 on: May 14, 2026, 06:50:09 am »
> Which BitLocker modes are affected?

TPM-only mode: This is the default setting for most consumer and corporate Windows 11 machines, making them highly vulnerable.
 

Offline Whales

  • Super Contributor
  • ***
  • Posts: 2625
  • Country: au
    • Halestrom
Re: Major Bitlocker Fail - YellowKey
« Reply #4 on: May 14, 2026, 07:06:46 am »
> Author’s reasoning about it being a backdoor is incompatible with how disk encryption software works.

Nope.  This isn't a backdoor in the concept of disk encryption, it's a backdoor in the Windows disk encryption implementation.  Subtle but important difference.


>  I do vaguely recall BitLocker had a pseudo-protection mode in which no key had to be supplied by the user. [...] I also don’t consider the finding of huge relevance. It doesn’t circumvent any actual security.

That's Bitlocker's most common use case.  Keys are stored in the TPM, signed early windows boot code has access to them, user doesn't have to enter any disk encryption keys but still has to get past the Windows login screen after boot.

Yes it's a terrible set of compromises.  But against casual theft (e.g. small-time crooks) it has been an effective option, until now.  This changes the risks for a lot of vulnerable individuals (domestic) and small business.
« Last Edit: May 14, 2026, 07:31:34 am by Whales »
 

Offline Whales

  • Super Contributor
  • ***
  • Posts: 2625
  • Country: au
    • Halestrom
Re: Major Bitlocker Fail - YellowKey
« Reply #5 on: May 14, 2026, 07:27:30 am »
On the topic of the word "backdoor", because I've seen arguments about this elsewhere:

> From WordNet (r) 3.0 (2006) [wn]:
>
>   backdoor
>       n 1: an undocumented way to get access to a computer system or
>            the data it contains [syn: {back door}, {backdoor}]

That makes this a backdoor.  Intentionality is something separate.

Whether or not this is an intentional or unintentional backdoor is likely impossible to prove.  I suspect the reality is that Windows' implementations of everything are so complicated that there will be multiple unintentional early boot backdoors, AND, their legal position likely requires them to have multiple intentional backdoors (the most obvious one being backup bitlocker keys being stored on your MS account in the cloud).  Distinguishing them is impractical.

From what I've read this exploit might be using some NTFS transaction features to deliver some of the payload, i.e. one of thousands of features of the kernel most people have forgotten about.

Now that one major flaw has been found & published it is likely we will be seeing more in the coming weeks, as people start directing their attention towards it.
« Last Edit: May 14, 2026, 07:34:17 am by Whales »
 

Offline Peabody

  • Super Contributor
  • ***
  • Posts: 2719
  • Country: us
Re: Major Bitlocker Fail - YellowKey
« Reply #6 on: May 14, 2026, 02:27:54 pm »
> Which BitLocker modes are affected?
>
> TPM-only mode: This is the default setting for most consumer and corporate Windows 11 machines, making them highly vulnerable.

But if a partition is separately BitLockered, opened by the user typing in a key, that partition would still be protected?  It seems it would be.  I don't see how that could be bypassable.
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 7730
  • Country: nl
Re: Major Bitlocker Fail - YellowKey
« Reply #7 on: May 14, 2026, 03:23:22 pm »
> Author’s reasoning about it being a backdoor is incompatible with how disk encryption software works.

Without a PIN entered in a UEFI boot screen (only available on Pro versions of Windows) the disk is "unlocked" at boot (i.e. the decryption key is handed out to Windows without any user-supplied secret, but trusted boot ensures it's unaltered Windows booting). The only thing protecting you is the normal Windows login; anything loaded before that login is attack surface ... a pretty huge attack surface.
« Last Edit: May 14, 2026, 03:27:14 pm by Marco »
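The TPM-only arrangement that Whales (Reply #4) and Marco (Reply #7) describe is visible in the volume's key protector list: a volume whose only TPM-based protector is of type `Tpm` is unlocked by measured boot alone, while `TpmPin`, `TpmStartupKey` or `TpmPinStartupKey` means something the user knows or carries is needed before the key is released. The script below is an added example, not code from the thread or from Microsoft. It uses the real `Get-BitLockerVolume` cmdlet and `KeyProtectorType` values; the `Exposure` labels are this example's own classification, and `AutoUnlock` data volumes are reported separately because they inherit whatever protects the OS volume.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread): inventory BitLocker volumes and flag
# the ones that are unlocked by the TPM alone, i.e. without a pre-boot PIN
# or startup key. Needs the BitLocker PowerShell module (Pro/Enterprise).

function Get-BitLockerExposure {
    [CmdletBinding()]
    param(
        # Restrict to given mount points, e.g. 'C:'; default is every volume.
        [string[]]$MountPoint
    )

    $volumes = if ($MountPoint) { Get-BitLockerVolume -MountPoint $MountPoint } else { Get-BitLockerVolume }

    foreach ($v in $volumes) {
        $types = @($v.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

        # Protector types that require a user secret or a token at boot/unlock.
        # ExternalKey counts only when it is a real startup key, not auto-unlock.
        $userBound = @($types | Where-Object {
            $_ -in 'TpmPin', 'TpmPinStartupKey', 'TpmStartupKey', 'Password', 'ExternalKey'
        })

        # Classification used by this example (not a BitLocker property):
        #   ProtectionOff - not encrypted, suspended, or still encrypting
        #   AutoUnlock    - data volume unlocked by the OS volume; inherits its exposure
        #   UserSecret    - TPM+PIN, startup key or password required
        #   TpmOnly       - key released by measured boot alone (the thread's topic)
        #   RecoveryOnly  - nothing but a recovery password, no boot-time unlock
        $exposure = if ($v.ProtectionStatus -ne 'On') { 'ProtectionOff' }
                    elseif ($v.AutoUnlockEnabled)     { 'AutoUnlock' }
                    elseif ($userBound.Count -gt 0)   { 'UserSecret' }
                    elseif ('Tpm' -in $types)         { 'TpmOnly' }
                    else                              { 'RecoveryOnly' }

        [pscustomobject]@{
            MountPoint       = $v.MountPoint
            VolumeType       = $v.VolumeType
            ProtectionStatus = $v.ProtectionStatus
            Protectors       = ($types -join ', ')
            Exposure         = $exposure
        }
    }
}

# Full inventory, then a warning for each volume unlocked by measured boot alone.
Get-BitLockerExposure | Format-Table -AutoSize
Get-BitLockerExposure | Where-Object Exposure -eq 'TpmOnly' | ForEach-Object {
    Write-Warning "$($_.MountPoint) is TPM-only: consider adding a TpmPin or TpmStartupKey protector."
}
```

Run it in an elevated PowerShell session. The same protector list can be read with `manage-bde -protectors -get C:` if the module is unavailable; a `TpmOnly` result on the OS volume is exactly the configuration the thread is discussing, and a data volume reported as `AutoUnlock` is only as strong as that OS volume.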
 

Online Cyclotron

  • Supporter
  • ****
  • Posts: 1695
  • Country: us
  • *POOF*
Re: Major Bitlocker Fail - YellowKey
« Reply #8 on: May 17, 2026, 06:13:51 pm »
LOL, this would be a handy feature when the criminals break in, encrypt your stuff, and hold the keys for ransom.
At least it's a bug that could prevent you from paying for the results of other bugs.  :-DD
 

Offline peter-h

  • Super Contributor
  • ***
  • Posts: 5823
  • Country: gb
  • Doing electronics since the 1960s...
Re: Major Bitlocker Fail - YellowKey
« Reply #9 on: May 27, 2026, 12:16:01 pm »
Maybe I am missing something but surely BL must be possible to break since the pwd (or its hash) must be stored on the machine.

To log into my BL-secured win10 laptop (XPS13 - not win11 "officially compliant") I enter my win10 login pwd. So... anybody with hardware access can bypass that.

The only way to make the HD "secure" would be to have the HD data pass through a "smart card security level" encryption/decryption chip. These have been around forever, and the latest ones probably resist stuff like the VCC pulsing etc, but I don't think they can do HD data rates.

It is exactly the same issue which you have in any embedded system which needs to decrypt firmware updates, and where it must be assumed the attacker has full hardware access.

If it can be done with a USB stick it is just a lot worse :)
« Last Edit: May 27, 2026, 02:34:24 pm by peter-h »
Z80 Z180 Z280 Z8 S8 8031 8051 H8/300 H8/500 80x86 90S1200 32F417
 

Offline Simmed

  • Frequent Contributor
  • **
  • Posts: 671
  • Country: 00
Re: Major Bitlocker Fail - YellowKey
« Reply #10 on: May 28, 2026, 12:58:01 am »
> Would have been useful when a Windows update triggered the BitLocker key request a couple of months ago. Naturally no-one knew what the BitLocker keys were for our company laptops.
> It's probably meant as a backdoor for the NSA.

haha i was thinking
they did not find a hack
but they found the backdoor
 :-DD

haha TPM = trusted permanent backdoor
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 7730
  • Country: nl
Re: Major Bitlocker Fail - YellowKey
« Reply #11 on: May 28, 2026, 07:11:38 am »
> To log into my BL-secured win10 laptop (XPS13 - not win11 "officially compliant") I enter my win10 login pwd. So... anybody with hardware access can bypass that.

Without a backdoor it could be relatively secure if it booted to login from an unencrypted partition. AFAIK this is what Apple does. With that it unlocks and it passes the login to the normal OS, for the user it is seamless, though when they first implemented it like this you had to log in twice.

This way the key doesn't get to DRAM till after you enter your password. The way Microsoft does it is stupid; even the UEFI screen password is an awkward hack compared to just doing it right and seamless to the user.
 

Offline peter-h

  • Super Contributor
  • ***
  • Posts: 5823
  • Country: gb
  • Doing electronics since the 1960s...
Re: Major Bitlocker Fail - YellowKey
« Reply #12 on: May 28, 2026, 08:04:59 am »
But, more fundamentally, if the cleartext appears anywhere on the PCB, it can be examined.

The details don't matter.

You either have HD encryption done in a secure chip (or a tamper-proof module like they use in cash machines etc) or you don't.

I am not sure anybody does it properly because you need to process the password stuff and the HD encryption in the same tamper-proof module. About 35 years ago there was a Smartdisk Safeboot which got fairly close. This used a 3.5" diskette sized module, containing a 44C200 smartcard chip, and it ran the HD encryption from a RAM based driver, but obviously all this can be disassembled and examined at runtime with a hardware debugger, and anyway the HD data was obviously still visible. I did an FPGA for that product.
Z80 Z180 Z280 Z8 S8 8031 8051 H8/300 H8/500 80x86 90S1200 32F417
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 7730
  • Country: nl
Re: Major Bitlocker Fail - YellowKey
« Reply #13 on: May 28, 2026, 09:01:55 am »
If you are worried about interception, then on a long enough timescale they can intercept data through the analogue hole regardless, when you work with it on screen.

Bitlocker is supposed to protect against theft, not tampering with a machine which is then used by the owner.
 

Offline peter-h

  • Super Contributor
  • ***
  • Posts: 5823
  • Country: gb
  • Doing electronics since the 1960s...
Re: Major Bitlocker Fail - YellowKey
« Reply #14 on: May 28, 2026, 01:33:43 pm »
What I am saying is that BL enables someone with physical possession of the machine to read the hard disk. And I never doubted that.

Obviously it is not trivial, or not supposed to be ;)

A pre-boot PIN is supposed to address this.
« Last Edit: May 28, 2026, 03:00:32 pm by peter-h »
Z80 Z180 Z280 Z8 S8 8031 8051 H8/300 H8/500 80x86 90S1200 32F417
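peter-h's remark above that a pre-boot PIN is supposed to address this, and Marco's earlier point (Reply #7) that the PIN is entered at the UEFI boot screen before any key is released, correspond to replacing the `Tpm` protector with a `TpmPin` one. The following is an added example, not code from the thread or from Microsoft, showing how an administrator would do that on the OS volume. It uses the real `Add-BitLockerKeyProtector`, `Remove-BitLockerKeyProtector` and `Get-BitLockerVolume` cmdlets. The policy check reads the `HKLM:\SOFTWARE\Policies\Microsoft\FVE` values `UseAdvancedStartup` and `UseTPMPIN`; the meaning assumed for them (1 = require PIN, 2 = allow PIN) is taken from the "Require additional authentication at startup" policy and should be verified against your own policy export.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the thread): move an OS volume from TPM-only to
# TPM+PIN, keeping a recovery password so a mistyped PIN or a firmware update
# cannot lock the machine out. Needs the BitLocker module and elevation.

function Test-StartupPinPolicy {
    # Policy must allow or require a startup PIN with the TPM before BitLocker
    # accepts a TpmPin protector. Value meanings are an assumption of this
    # example (UseTPMPIN: 0 = do not allow, 1 = require, 2 = allow).
    $fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    if (-not (Test-Path $fve)) { return $false }
    $p = Get-ItemProperty -Path $fve -ErrorAction SilentlyContinue
    return ($p.UseAdvancedStartup -eq 1 -and $p.UseTPMPIN -in 1, 2)
}

function Add-StartupPin {
    [CmdletBinding()]
    param(
        [string]$MountPoint = 'C:',
        [Parameter(Mandatory)][securestring]$Pin,
        # After the PIN protector is in place, drop any leftover TPM-only protector.
        [switch]$RemoveTpmOnlyProtector
    )

    if (-not (Test-StartupPinPolicy)) {
        throw 'Policy does not allow a TPM startup PIN; enable it before adding the protector.'
    }

    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    if ($vol.VolumeType -ne 'OperatingSystem') {
        throw "$MountPoint is not the OS volume; a startup PIN only applies there."
    }
    if ($vol.KeyProtector.KeyProtectorType -contains 'TpmPin') {
        Write-Verbose "$MountPoint already has a TpmPin protector."
        return $vol
    }

    # Always have a recovery path before touching the boot-time protectors.
    if (-not ($vol.KeyProtector.KeyProtectorType -contains 'RecoveryPassword')) {
        Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
        Write-Warning "Recovery password added to $MountPoint; back it up (Backup-BitLockerKeyProtector or your escrow process)."
    }

    # The PIN is only ever handled as a SecureString; it is not logged or echoed.
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $Pin | Out-Null

    if ($RemoveTpmOnlyProtector) {
        # BitLocker keeps one TPM-based protector per volume; if a plain Tpm
        # protector survived the add, remove it so measured boot alone no longer unlocks.
        $leftover = (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
                    Where-Object { $_.KeyProtectorType -eq 'Tpm' }
        foreach ($kp in $leftover) {
            Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $kp.KeyProtectorId | Out-Null
        }
    }

    Get-BitLockerVolume -MountPoint $MountPoint
}

# Usage (interactive, so the PIN never appears in a script or history):
#   $pin = Read-Host -AsSecureString 'Startup PIN'
#   Add-StartupPin -MountPoint 'C:' -Pin $pin -RemoveTpmOnlyProtector |
#       Select-Object MountPoint, ProtectionStatus, @{n='Protectors'; e={ $_.KeyProtector.KeyProtectorType -join ', ' }}
```

After the change the protector list should show `TpmPin` and `RecoveryPassword` and no bare `Tpm` entry, and the machine will prompt for the PIN at the pre-boot screen on the next restart. This only narrows the exposure Marco described (the key is no longer released before any user secret); it does not change the fact that whatever is loaded after unlock is still attack surface.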
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 7730
  • Country: nl
Re: Major Bitlocker Fail - YellowKey
« Reply #15 on: May 28, 2026, 03:03:58 pm »
> What I am saying is that BL enables someone with physical possession of the machine to read the hard disk. And I never doubted that.

But that has nothing to do with dedicated hardware, you could have a 100% software solution which is unbreakable on theft.
 
