Back in May, we learned that security researchers found a vulnerability in Windows’ BitLocker encryption system. This vulnerability enabled bad actors to completely bypass the encryption if they got their hands on your PC long enough to plug in a USB drive and reboot the machine.

The exploit, codenamed YellowKey, is a glaring weakness in an encryption system that’s been built into Windows since the days of Vista. Microsoft has since published guidance on how to guard against the exploit (in short, make sure you use a PIN) as well as an interim security fix while it works on a more permanent solution, but for the moment BitLocker seems cooked.

If you use BitLocker, you should know about this, but you shouldn’t necessarily stop using it yet.

BitLocker is kind of cooked, but I’m still using it. Is Windows’s built-in encryption useless now?! Senior Editor Alaina Yee explains why you should still use it, and what you can do to boost its protection. Not sure what encryption is? Check out our quick explanation at https://bit.ly/4gFyFRz. And for more info on VeraCrypt and Cryptomator, check out veracrypt.jp and cryptomator.org.

As PCWorld’s Alaina Yee succinctly points out over on our TikTok channel, the truth is that even if your laptop gets stolen the bad guys probably aren’t going to bother trying cutting-edge exploits to crack the encryption and access your data. No, odds are much better that if your machine gets nabbed it’s going to get wiped and resold for a quick buck.

But if you have files you’re really concerned about keeping private (like that folder full of cat pics), remember that you can follow Microsoft’s guidance by turning on the “Require startup PIN with TPM” option. This requires you to set a PIN and enter it every time you reboot the machine. It also ensures that any bad guys that try to YellowKey your PC will have to figure out the PIN before they can get in.
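To check whether a machine actually asks for that PIN, the PowerShell sketch below reports the startup-PIN policy and the key protectors on the operating system volume. It is an added example, not code from PCWorld or from Microsoft's guidance, and it assumes an elevated Windows PowerShell session with the built-in BitLocker module and the standard policy location `HKLM:\SOFTWARE\Policies\Microsoft\FVE`.

```powershell
#Requires -RunAsAdministrator
# Added example: audit whether the OS volume needs a PIN before the TPM releases the key.

# Policy behind "Require additional authentication at startup".
# Assumption: policy is delivered through the standard FVE policy key.
$fvePath = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
$policy  = Get-ItemProperty -Path $fvePath -ErrorAction SilentlyContinue

$policyState = if (-not $policy -or $policy.UseAdvancedStartup -ne 1) {
    'Not configured'
} else {
    switch ($policy.UseTPMPIN) {
        1       { 'Require startup PIN with TPM' }
        2       { 'Allow startup PIN with TPM' }
        default { 'Startup PIN not allowed' }
    }
}

# Key protectors actually present on each operating system volume.
$osVolumes = Get-BitLockerVolume | Where-Object VolumeType -eq 'OperatingSystem'

foreach ($vol in $osVolumes) {
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    $verdict = if ($vol.ProtectionStatus -ne 'On') {
        'Protection is off: the volume key is not being guarded'
    } elseif ($types -contains 'TpmPin') {
        'TPM+PIN: a PIN is needed at every boot'
    } elseif ($types -contains 'Tpm') {
        'TPM only: the volume unlocks at boot with no user input'
    } else {
        'No TPM protector found: review the protector list'
    }

    [pscustomobject]@{
        MountPoint   = $vol.MountPoint
        Protection   = $vol.ProtectionStatus
        Protectors   = $types -join ', '
        StartupPinGP = $policyState
        Verdict      = $verdict
    }
}

# To add a PIN once the policy allows it (prompts for the PIN, nothing is hard-coded):
#   Add-BitLockerKeyProtector -MountPoint 'C:' -TpmAndPinProtector -Pin (Read-Host -AsSecureString 'PIN')
```

A volume reported as "TPM only" is the configuration the PIN advice above is meant to replace.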

More importantly, remember that you have other options when it comes to encrypting your files. As Alaina points out, you’re not locked into using BitLocker alone; you can use third-party encryption tools like VeraCrypt to encrypt files and folders that you want to protect from prying eyes.

For more guidance on what BitLocker is and how to better secure your PC using it and other tools, check out our Windows BitLocker newbie guide and subscribe to Alaina’s killer Safe Mode newsletter!

Alex Wawro has more than 15 years of experience as a tech journalist, and has covered everything from laptops and CPUs to PC tech industry and handhelds. Alex has also written for Tom's Guide and Platform release Developer. As part of PCWorld's video team, you can see him going hands-on with the most recent and greatest tech on YouTube, TikTok, and Reels, and his writing will appear on PCWorld.com.