Summary
- Microsoft published updated mitigation guidance and a Microsoft-provided script for CVE-2026-45585 (Windows BitLocker security feature bypass) that replaces previously documented manual mitigation steps.
- The mitigation applies to BitLocker on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 — review inventory for these OS versions and BitLocker usage.
- Administrators should review the Microsoft Security Update Guide entry and consider testing and deploying the script (via PowerShell/Intune/management tooling) for devices at risk; environments that already applied the manual mitigations do not need additional action.
- This is a stopgap mitigation (script) to reduce exposure while Microsoft develops a future security update.
Primary Service: Windows
Admin Impact: High
User Impact: Low
Release Start: 22 May 2026
Release End: 22 May 2026
Services: Windows
Category: Prevent or fix issues
Tags: Action Required, Admin Action, Security Impact
History
5/21/2026 Item Added to Message Center
Microsoft Message
Microsoft has updated the mitigation guidance in CVE-2026-45585, a Windows BitLocker security feature bypass vulnerability. The updated guidance replaces previously documented manual mitigation steps with a script that helps reduce exposure while a future security update is developed to address this vulnerability. Note that a limited set of Windows versions are affected: Windows 11, versions 26H1, 25H2, and 24H2, and Windows Server 2025.
When will this happen
The updated mitigation guidance and script are available now.
How this will affect your organization
Windows devices that use BitLocker may be exposed to this vulnerability if mitigations are not applied. Organizational environments that previously implemented the documented manual mitigation steps do not need to take additional action, as the script only simplifies deployment of the existing mitigation.
Organizations that have not yet taken action should assess their exposure to this vulnerability and determine whether mitigation is appropriate. Microsoft recommends that organizations consider implementing this mitigation if devices and data may be at risk of being compromised or stolen. For example, this may apply if your organization’s employees take their work devices home or on business travel.
What you need to do to prepare
Organizational environments using BitLocker on affected Windows versions should review the updated guidance in the Microsoft Security Update Guide to determine whether applying the mitigation is necessary.
Additional information
CVE-2026-45585: Windows BitLocker Security Feature Bypass Vulnerability