A security researcher has publicly released zero-day exploits for Windows 11's BitLocker encryption and privilege escalation vulnerabilities, claiming Microsoft deliberately built in a backdoor. Microsoft responded by banning the researcher's GitHub account and initially threatened legal action, sparking backlash over how the company treats vulnerability disclosures.
·Researcher released BitLocker bypass and privilege escalation exploits after Microsoft allegedly ignored responsible disclosure
·Microsoft banned researcher's GitHub account and faced criticism for threatening criminal investigation
·Company reversed course on prosecution threat following public backlash over handling of zero-day researchers
·Separate discovery of five bugs in DICOM medical imaging software toolkit highlights ongoing vulnerability landscape
·Incident raises questions about Microsoft's vulnerability disclosure policies and researcher protections
drawn from The HIPAA Journal, Spiceworks, The Record from Recorded Future News, TechCrunch · updated 20h ago