alt.hn

5/12/2026 at 9:42:27 PM

YellowKey BitLocker Bypass Vulnerability

https://github.com/Nightmare-Eclipse/YellowKey

by entuno

5/13/2026 at 12:11:47 PM

Seems like a backdoor.

by coopreme

5/14/2026 at 3:39:46 AM

Because it is: https://news.ycombinator.com/item?id=47686549

by pajko

5/14/2026 at 4:19:47 AM

Just because you post about it doesn’t make it so.

by forestry

5/14/2026 at 4:12:16 AM

How does this prove BitLocker has a backdoor?

by ranger_danger

5/14/2026 at 6:56:07 AM

What proof would be necessary to convince you, out of curiosity? In concrete terms.

by gib444

5/14/2026 at 4:17:29 AM

It doesn’t.

by forestry

5/13/2026 at 12:20:50 PM

What's the data in the FsTx folder? Is it just some magic data that Windows looks for?

by protimewaster

5/13/2026 at 2:04:27 PM

How is this a backdoor if one of the steps is to reboot the system while holding down SHIFT? To boot in the first place, the drive needs to be unlocked.

by msuser

5/14/2026 at 4:13:56 AM

The EFI partition is unencrypted.

“you don't even need to plug an external storage device, you can just pull out the disk, copy the files in the EFI partition, put it back and it will still work. That's how bad it is.”

by jamescrowley

5/14/2026 at 3:25:51 AM

If you have physical access to plug in a flash drive, why would you need the drive unlocked to reboot into the recovery environment? Just power it off and trigger the boot options.

by anonymars

5/14/2026 at 1:05:21 AM

In addition to sibling comments, the author claims it also affects TPM+PIN.

by e12e

5/13/2026 at 2:54:36 PM

Most users have it unlocked by TPM only, as that is the default Microsoft configuration. You then reboot into Windows recovery. Yes, if Windows recovery is disabled or if BitLocker requires a startup PIN, then this is mitigated.

by fh67

5/14/2026 at 3:26:51 AM

"No, TPM+PIN does not help, the issue is still exploitable regardless, I asked myself this question, can it still work in a TPM+PIN environment ? Yes it does, I'm just not publishing the PoC, I think what's out there is already bad enough."

https://deadeclipse666.blogspot.com/2026/05/were-doing-silen...

by pajko

5/14/2026 at 4:09:56 AM

[dead]

by biennvops

5/13/2026 at 6:22:14 PM

Point taken, but I would call this an authentication bypass (i.e. you can become administrator without any credentials) instead of a BitLocker bypass. It looks like at most, having BitLocker turned on is a requirement to trigger the bug/backdoor.

In any case I'd be very curious to read a response to these findings from someone at Microsoft.

by msuser

5/13/2026 at 1:02:53 PM

Does anyone know if the fix was shipped already? If it is not a backdoor, of course.

by jllyhill

5/14/2026 at 3:29:44 AM

It does not matter. Who's gonna stop them adding a new backdoor in a later Windows Update(TM)? At this point they are not to be trusted at all.

by pajko

5/14/2026 at 7:43:38 AM

Microsoft doesn't need a back door; they can literally sign a new bootchain with the same certificate and install it on your computer.

This is a bug / vulnerability, not a back door.

by ChocolateGod