Comment by fh67
1 day ago
Most users have it unlocked by TPM only, as that is the default Microsoft configuration - you then reboot into Windows recovery. Yes, if Windows recovery is disabled or if BitLocker requires a startup PIN, then this is mitigated.
"No, TPM+PIN does not help, the issue is still exploitable regardless, I asked myself this question, can it still work in a TPM+PIN environment ? Yes it does, I'm just not publishing the PoC, I think what's out there is already bad enough."
https://deadeclipse666.blogspot.com/2026/05/were-doing-silen...
Interesting. If TPM+PIN does not help, then what stands between BitLocker and TPM unsealing the key?
Point taken, but I would call this an authentication bypass (i.e. you can become administrator without any credentials) instead of a BitLocker bypass. It looks like at most, having BitLocker turned on is a requirement to trigger the bug/backdoor.
In any case I'd be very curious to read a response to these findings from someone at Microsoft.