Microsoft's June 9, 2026 Patch Tuesday quietly fixed one of the scarier Windows flaws in recent memory: a BitLocker bypass nicknamed 'YellowKey' that let a thief with physical access read everything on an encrypted Windows drive using nothing more than a USB stick and a held-down key. If you own a Windows laptop and rely on BitLocker to protect your files in case of theft, you need to install this month's update.
What 'YellowKey' actually does
BitLocker is the full-disk encryption built into Windows Pro and Enterprise editions. It's the feature that's supposed to make a stolen laptop useless to whoever ends up with it — without your PIN, recovery key, or TPM, the drive should be unreadable. Recovering files from a properly encrypted drive is supposed to be impossible.
YellowKey broke that promise. Microsoft has patched a publicly disclosed Windows BitLocker bypass flaw that allowed local attackers to gain access to an encrypted drive through a physical attack. The technique is embarrassingly simple: the vulnerability could be exploited by placing specially crafted files on a USB drive or EFI partition and booting into the Windows Recovery Environment (WinRE), where holding down the CTRL key triggered a command shell with unrestricted access to encrypted BitLocker-protected drives.
In plain English: a thief who got your laptop could boot it from a USB stick, hold a key on the keyboard, and end up at a system command prompt that could read your encrypted files.
Who disclosed it and why it matters
BleepingComputer reported the fix was for the YellowKey vulnerability publicly disclosed last month by a researcher named Nightmare Eclipse. That researcher has been releasing a string of Windows zero-days in protest of how Microsoft handles bug bounty disclosures, which means the technical details were public before the patch landed.
The fix shipped as part of Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws and three publicly disclosed zero-day vulnerabilities. YellowKey was one of those three. Until you install the June update, a Windows laptop with BitLocker is not as theft-proof as you think it is.
How to check that you're patched
On Windows 11, go to Settings → Windows Update and click Check for updates. The patch you want is KB5094126 (for 24H2 and 25H2) or KB5093998 (for 23H2). After installing today's security updates, the build number changes to 26200.8457 on 25H2 and 26100.8457 on 24H2 (both KB5094126), and to 22631.7079 on 23H2 (KB5093998).
On Windows 10, only machines enrolled in Microsoft's Extended Security Updates program get the fix. Microsoft has released the Windows 10 KB5094127 extended security update, which fixes the June 2026 Patch Tuesday vulnerabilities and adds new functionality to monitor the rollout of updated Secure Boot certificates that replace those expiring this month. Home users still on regular Windows 10 will not receive this patch and should plan to move to Windows 11 or replacement hardware soon.
If the update fails to install or your PC won't boot afterward, that's a hardware or storage issue we can sort out at our York shop before you lose access to anything important.
What you should do beyond the patch
Installing the June update closes the YellowKey hole, but a few habits make a real difference if your laptop ever walks off:
- Set a BitLocker PIN, not just TPM-only unlock. A PIN means a thief still has to guess something even after they bypass other tricks.
- Back up your BitLocker recovery key somewhere that isn't on the laptop itself — a Microsoft account, a printed sheet at home, or both.
- Keep a current backup of your files. Encryption protects against snooping, not against a dead drive. If your drive does fail, professional recovery is dramatically harder (and sometimes impossible) on a BitLocker-encrypted disk without the recovery key.
- Install Patch Tuesday updates within a week of release. Most exploited Windows flaws get attacked after the patch exists, not before, because attackers reverse-engineer the fix.
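Both the build check and the PIN and recovery key habits above can be verified from an elevated PowerShell prompt. The script below is an added example, not part of the original article: it compares the running build against the patched build numbers quoted above and flags BitLocker volumes with no TPM+PIN protector or no recovery password protector. The registry values and the Get-BitLockerVolume cmdlet are standard Windows; the variable names and finding texts are this example's own.

```powershell
# Added example, not from the original article. Run from an elevated PowerShell prompt.
# Patched revision (UBR) per Windows 11 build, using the numbers quoted in the article.
$patchedUbr = @{
    26200 = 8457   # 25H2, KB5094126
    26100 = 8457   # 24H2, KB5094126
    22631 = 7079   # 23H2, KB5093998
}

# CurrentBuild and UBR together form the build shown by winver, e.g. 26100.8457.
$cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = [int]$cv.CurrentBuild
$ubr   = [int]$cv.UBR

if (-not $patchedUbr.ContainsKey($build)) {
    # Windows 10 ESU (KB5094127) and other releases: the article gives no build number.
    Write-Warning "Build $build.$ubr is not listed in the article; check Update history for the KB instead."
} elseif ($ubr -ge $patchedUbr[$build]) {
    Write-Output "Build $build.$ubr is at or above the patched level."
} else {
    Write-Warning "Build $build.$ubr is below $build.$($patchedUbr[$build]): install the June 2026 update."
}

# Audit BitLocker protectors. Only protector types are read, never the recovery password itself.
$pinTypes = 'TpmPin', 'TpmPinStartupKey'
Get-BitLockerVolume | ForEach-Object {
    $types  = @($_.KeyProtector | Where-Object { $_ } | ForEach-Object { "$($_.KeyProtectorType)" })
    $isOs   = "$($_.VolumeType)" -eq 'OperatingSystem'
    $hasPin = [bool]($types | Where-Object { $pinTypes -contains $_ })
    $notes  = @()
    if ("$($_.ProtectionStatus)" -ne 'On')      { $notes += 'protection is off or suspended' }
    if ($isOs -and -not $hasPin)                { $notes += 'no TPM+PIN protector on the OS volume' }
    if ($types -notcontains 'RecoveryPassword') { $notes += 'no recovery password protector to back up' }
    [pscustomobject]@{
        Volume     = $_.MountPoint
        Protectors = $types -join ', '
        Findings   = if ($notes) { $notes -join '; ' } else { 'ok' }
    }
}
```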
What This Means for York, PA
York-area customers who use Windows Pro laptops for work — especially anyone in healthcare, legal, or finance who's required to encrypt client data — should treat this month's update as mandatory and verify their BitLocker recovery key is saved somewhere safe. If your laptop won't take the June update, won't boot after installing it, or you've lost your recovery key, bring it to York Computer Repair at 2069 Carlisle Rd and we'll take a look.