Comment by msuser

Point taken, but I would call this an authentication bypass (i.e. you can become administrator without any credentials) instead of a BitLocker bypass. It looks like at most, having BitLocker turned on is a requirement to trigger the bug/backdoor.

In any case I'd be very curious to read a response to these findings from someone at Microsoft.