Security Feature Bypass in Windows by Microsoft
CVE-2026-45585
Key Information:
- Vendor: Microsoft
- CVE Published: 19 May 2026
What is CVE-2026-45585?
CVE-2026-45585 is a vulnerability affecting Microsoft Windows, recognized as a security feature bypass. This vulnerability, colloquially known as "YellowKey," refers to a specific flaw in Windows that allows attackers to circumvent established security protocols. Such a bypass can undermine the integrity of the system, enabling malicious actors to manipulate or access sensitive information without proper authorization. As a widely used operating system, Windows is critical for many organizations, and this vulnerability poses a significant risk to their operational security and data protection practices. The existence of this flaw underscores the importance of maintaining robust security measures and keeping systems updated to protect against potential exploitation.
Potential impact of CVE-2026-45585
- Unauthorized Access: Exploiting this vulnerability could grant attackers unauthorized access to systems, allowing them to execute malicious activities without detection. This access can lead to extensive data breaches and compromise sensitive information.
- Data Integrity Compromise: The ability to bypass security features may result in alterations or deletions of critical system data, jeopardizing the integrity of information stored within affected systems. This could have severe consequences for business operations and regulatory compliance.
- Increased Attack Surface: By facilitating unauthorized operations, this vulnerability broadens the potential attack surface for organizations. It may encourage further attempts at exploitation, including the deployment of additional malware or ransomware, escalating the overall cybersecurity risk landscape.
Affected Version(s)
Windows 11 Version 24H2 x64-based Systems 10.0.26100.0 < 10.0.26100.8655
Windows 11 Version 25H2 x64-based Systems 10.0.26200.0 < 10.0.26200.8655
Windows 11 version 26H1 x64-based Systems 10.0.28000.0 < 10.0.28000.2269
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles
Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops
Six 0-days, three under active exploitation, more to come on July 14?
2 weeks ago
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has released a temporary mitigation for YellowKey, a Windows zero-day that can reportedly bypass BitLocker protections.
3 weeks ago
Timeline
- 📈 Vulnerability started trending
- 🟡 Public PoC available
- 💰 Used in Ransomware
- 👾 Exploit known to exist
- 📰 First article discovered by Computerworld
- Vulnerability published
- Vulnerability Reserved