
The Researcher Microsoft Tried to Ban Also Handed You a BitLocker Bypass. YellowKey, CVE-2026-45585, and the CTRL Key That Unlocks an Encrypted Drive.

  • Writer: Patrick Duggan

For six weeks we have been following a researcher who goes by Chaotic Eclipse, also tracked as Nightmare Eclipse, and the increasingly ugly fight between him and Microsoft. We wrote about his Defender vulnerabilities on April 26: BlueHammer, the TOCTOU race in Defender's cleanup engine that escalates a low-privileged user to SYSTEM, and the RedSun and UnDefend tools alongside it. We wrote on June 5 that Microsoft's response to the disclosures was to ban him from its own GitHub and refer him to its crimes unit. We wrote on June 11 that within hours of Microsoft quietly patching his GreenPlasma Defender bug in the record June Patch Tuesday, he dropped a working exploit, RoguePlanet, proving the patches were his findings and that the persecution had bought Microsoft nothing. What we did not do, and what almost nobody covering that Patch Tuesday did, is connect the BitLocker bug in the same release to the same hand. It belongs to him too. Its name is YellowKey, and it defeats full-disk encryption with physical access and a held-down key.



What YellowKey Is


YellowKey is CVE-2026-45585, a Windows BitLocker Security Feature Bypass that Microsoft patched on June 9, 2026, and credited, like GreenPlasma in the same release, to the Nightmare Eclipse researcher. It carries a CVSS score of 6.8, the kind of number that makes busy patch teams scroll past it, and that number misleads about the consequence: the score is held down by the physical attack vector, not by the mildness of the outcome. Microsoft itself rated it "Exploitation More Likely." Here is the mechanism, because the mechanism is the whole reason it matters: an attacker places specially crafted files on a USB drive or on the machine's EFI system partition, boots the device into the Windows Recovery Environment, and holds down the CTRL key. That keystroke drops the attacker into a command shell with unrestricted access to the BitLocker-protected drive. No password. No recovery key. No decryption challenge. Nothing is decrypted in bulk; the protected volume is simply unlocked for whoever is at the keyboard, which from the victim's side amounts to the same thing. The encryption that was supposed to make a lost, stolen or seized laptop worthless is stepped around from the recovery console by someone who can touch the hardware.



Why "Only Physical Access" Is The Wrong Dismissal


The reflex with a physical-access bug is to wave it away — if the attacker is already holding your laptop, the reasoning goes, you have bigger problems. That reflex is exactly wrong for a full-disk-encryption bypass, because full-disk encryption is the control that exists specifically for the case where the attacker is already holding your laptop. BitLocker's entire job is to make physical possession insufficient. It is what your compliance program points at when a device walks out of an airport lounge, gets lifted from a car, is left in a hotel room with housekeeping, or is seized at a border. The whole value proposition is "they have the hardware but not the data." YellowKey collapses that to "they have the hardware, so they have the data," and it does it with consumer-grade effort: a USB stick, a reboot, and a key held during startup. This is the classic evil-maid scenario, and YellowKey is a clean, scripted instance of it against the encryption millions of organizations treat as their last line for data at rest. A stolen-laptop incident that your policy currently classifies as "encrypted, no breach" becomes, on an unpatched machine, "encrypted, bypassed, breach."



The Pattern We Have Been Documenting, One More Time


There is a throughline in everything we have written about Chaotic Eclipse, and YellowKey extends it. The researcher found real, serious flaws — a Defender privilege escalation that reaches SYSTEM, and now an encryption bypass that reaches your data at rest — and Microsoft's energy went into criminalizing the finder rather than racing the fix. The bugs were legitimate; the June Patch Tuesday that fixed GreenPlasma and YellowKey is Microsoft's own admission of that, because you do not ship an emergency-grade fix for a fiction. We argued on June 5 that treating disclosure as a crime produces scorched earth instead of safety, and the RoguePlanet drop on June 11 was the demonstration. YellowKey is the quieter, second demonstration sitting in the same patch list: the man Microsoft tried to ban handed defenders a heads-up about a hole in their full-disk encryption, and the broad coverage filed it as an anonymous 6.8 instead of as the latest output of a researcher whose track record this quarter is "keeps being right about Microsoft's own products." We name it because attribution is intelligence — knowing that YellowKey and GreenPlasma came from the same source in the same release tells you this is a coordinated body of work, not scattered noise, and that there may be more of it.



What A Defender Does


Patch it. The June 2026 cumulative update fixes CVE-2026-45585, and because the bug is a physical-access bypass of full-disk encryption, the patch is the only thing that actually closes the WinRE path YellowKey abuses. Confirm the fix reached the recovery environment itself: WinRE is serviced as its own image, separate from the running OS, so check the recovery image after patching rather than trusting the installed-updates list alone. Then harden the assumption underneath BitLocker, because a 6.8 physical bug is a reminder that default BitLocker is weaker than most teams think. Enable pre-boot authentication, TPM plus a PIN, so the drive does not unseal its key to anyone who simply powers the machine on. A TPM-only protector releases the volume key on any boot the TPM measures as expected, and a local recovery boot is one of those, which is why a PIN raises the cost of every recovery-environment and evil-maid technique, not just this one. Lock down boot order and disable booting from USB and external media in firmware, with a firmware password, so an attacker cannot trivially stage the crafted files YellowKey needs; keep in mind that the EFI system partition lives on the internal disk, so an attacker who can write to it by other means is not stopped by a USB-boot block, and firmware lockdown raises cost while the patch and the PIN are what close the hole.

And fix the policy reflex, not just the registry: if your incident playbook currently auto-classifies a lost encrypted laptop as a non-event, add the caveat that "encrypted" is only true if the device was patched against the encryption bypasses, because the assurance you are leaning on is exactly the assurance this bug removes. The 6.8 is not the measure of YellowKey. The measure is every disk you assumed was safe because it was encrypted, and the researcher who told you otherwise is the same one Microsoft spent six weeks trying to put in a cell.
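The audit a defender would run against the advice above, as an added PowerShell example that is not part of the original post and not Microsoft's or the researcher's code. It checks the four things the post calls for on one host: that a cumulative update is installed, that the OS volume is not sitting on a TPM-only protector, that policy requires a startup PIN, and that the recovery environment is registered so its image can be inspected. The article gives no KB number, so `$RequiredKB` is a placeholder you must replace with the June 2026 cumulative update ID for your build; the `FVE` registry names and values are Microsoft's documented BitLocker policy settings (`UseAdvancedStartup=1` enables the extra startup options, `UseTPMPIN=1` means Require). The remediation function refuses to change protectors unless a recovery password is already escrowed, because a PIN rollout with no recovery path is a self-inflicted outage.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article, Microsoft, or the researcher).
# ASSUMPTION: the article names no KB. Replace this placeholder with the
# June 2026 cumulative update KB for your OS build before relying on check 1.
$RequiredKB = 'KB0000000'
$FvePolicy  = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'

function Test-BitLockerPosture {
    param([string]$Kb = $RequiredKB)
    $findings = [System.Collections.Generic.List[string]]::new()
    $os = $env:SystemDrive

    # 1. Is the cumulative update registered on this host?
    if (-not (Get-HotFix -Id $Kb -ErrorAction SilentlyContinue)) {
        $findings.Add("$Kb not installed: the WinRE path CVE-2026-45585 uses is still open.")
    }

    # 2. Which protectors guard the OS volume? TPM-only unseals the key to
    #    whoever powers the machine on; TPM+PIN (or +startup key) does not.
    $vol = Get-BitLockerVolume -MountPoint $os
    if ($vol.ProtectionStatus -ne 'On') {
        $findings.Add("${os}: protection is '$($vol.ProtectionStatus)', not On.")
    }
    $types   = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
    $preboot = @($types | Where-Object { $_ -in 'TpmPin', 'TpmPinStartupKey', 'TpmStartupKey', 'Password' })
    if ($preboot.Count -eq 0) {
        $findings.Add("${os}: protectors [$($types -join ', ')] require no pre-boot authentication.")
    }
    if ('RecoveryPassword' -notin $types) {
        $findings.Add("${os}: no recovery password protector; escrow one before changing protectors.")
    }

    # 3. Does policy require a TPM+PIN at startup for this machine?
    $pol = Get-ItemProperty -Path $FvePolicy -ErrorAction SilentlyContinue
    if (-not $pol -or $pol.UseAdvancedStartup -ne 1 -or $pol.UseTPMPIN -ne 1) {
        $findings.Add("Policy under $FvePolicy does not require TPM+PIN at startup.")
    }

    # 4. WinRE is serviced as its own image. Report where it is so the image
    #    version can be checked after patching instead of assuming the LCU did it.
    $re = & reagentc.exe /info 2>&1
    foreach ($hit in ($re | Select-String 'Windows RE status', 'Windows RE location')) {
        $findings.Add("Info: $($hit.Line.Trim())")
    }
    return $findings
}

function Set-TpmPinProtector {
    # Moves the OS volume from TPM-only to TPM+PIN. Only one TPM-based
    # protector may exist on a volume, so the TPM-only one is removed first.
    param([Parameter(Mandatory)][securestring]$Pin)
    $os  = $env:SystemDrive
    $vol = Get-BitLockerVolume -MountPoint $os
    if (-not ($vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')) {
        throw "Escrow a recovery password first (Add-BitLockerKeyProtector -RecoveryPasswordProtector)."
    }
    # Policy must permit a startup PIN or the protector creation is refused.
    New-Item -Path $FvePolicy -Force | Out-Null
    New-ItemProperty -Path $FvePolicy -Name UseAdvancedStartup -Value 1 -PropertyType DWord -Force | Out-Null
    New-ItemProperty -Path $FvePolicy -Name UseTPMPIN          -Value 1 -PropertyType DWord -Force | Out-Null
    $vol.KeyProtector | Where-Object KeyProtectorType -eq 'Tpm' | ForEach-Object {
        Remove-BitLockerKeyProtector -MountPoint $os -KeyProtectorId $_.KeyProtectorId | Out-Null
    }
    Add-BitLockerKeyProtector -MountPoint $os -TpmAndPinProtector -Pin $Pin | Out-Null
    # Return the resulting protector types so the caller can verify TpmPin is present.
    (Get-BitLockerVolume -MountPoint $os).KeyProtector.KeyProtectorType
}

Test-BitLockerPosture | ForEach-Object { Write-Output $_ }
# Remediate after reviewing the findings:
#   Set-TpmPinProtector -Pin (Read-Host -AsSecureString 'New startup PIN')
```

Run the audit first and feed its output to whatever fleet inventory you keep; a host that reports the update installed but still shows a `Tpm`-only protector is exactly the machine the post is warning about. On Intune- or GPO-managed devices the `FVE` values will be overwritten at the next policy refresh, so set the requirement in the management tool rather than with the local write shown here.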





