Microsoft Fixes BitLocker Vulnerabilities Allowing Privilege Escalation
Microsoft has patched two vulnerabilities in its BitLocker drive-encryption feature, tracked as CVE-2025-54911 and CVE-2025-54912, that could let an attacker who already has local, low-privileged access elevate to SYSTEM. Both are use-after-free bugs; a successful exploit would let the attacker run arbitrary code with the highest Windows privileges and take full control of the machine. They are local privilege-escalation flaws, so the attacker must already be running code on the target rather than attacking it remotely. Microsoft rates exploitation as less likely because it requires that existing low-privileged foothold plus user interaction, but it has still urged customers to apply the September 2025 Patch Tuesday updates promptly. The two flaws are a reminder that even mature, security-critical components accumulate memory-safety bugs, and that coordination between Microsoft and external researchers remains important for finding and fixing them.
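For administrators who want to confirm that a host has picked up the September 2025 updates, the following PowerShell triage is an added example, not code from the article or from Microsoft. It assumes only the Patch Tuesday date (9 September 2025) and does not identify a specific KB number, so it should be read alongside the release notes for the exact build you expect; the `Get-HotFix`, `Get-BitLockerVolume` and registry paths used are standard Windows cmdlets and locations.

```powershell
# Added example (not from the article): check whether a host has installed
# updates since the September 2025 Patch Tuesday and list BitLocker volumes.
# Run in an elevated PowerShell session. The date threshold is an assumption
# based on the Patch Tuesday date; it does not pin a specific KB.

$patchTuesday = Get-Date '2025-09-09'

# Hotfixes installed on or after Patch Tuesday. InstalledOn can be null for
# some entries, so guard against it before comparing.
$recent = Get-HotFix |
    Where-Object { $_.InstalledOn -and $_.InstalledOn -ge $patchTuesday } |
    Sort-Object InstalledOn -Descending

if ($recent) {
    Write-Host "Updates installed since $($patchTuesday.ToShortDateString()):"
    $recent | Select-Object HotFixID, Description, InstalledOn | Format-Table -AutoSize
} else {
    Write-Warning "No updates installed since $($patchTuesday.ToShortDateString()); check Windows Update."
}

# OS build and UBR (update build revision) as a second data point; compare
# against the build number listed in the September 2025 release notes.
$cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
Write-Host ("OS build {0}.{1} ({2})" -f $cv.CurrentBuildNumber, $cv.UBR, $cv.DisplayVersion)

# BitLocker status per volume. The cmdlet only exists on editions that ship
# the BitLocker feature, so probe for it first.
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    Get-BitLockerVolume |
        Select-Object MountPoint, VolumeStatus, ProtectionStatus, EncryptionMethod |
        Format-Table -AutoSize
} else {
    Write-Warning "BitLocker cmdlets are not available on this host."
}
```

The hotfix list tells you whether any update landed after Patch Tuesday; the build and UBR tell you which cumulative update that was. Treat a host with a pre-September build, or with no recent hotfix entries, as unpatched until Windows Update reports otherwise.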