1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft just made it easier to patch this Bitlocker bypass flaw

    From TechnologyDaily@1337:1/100 to All on Fri Mar 17 14:15:03 2023
    Microsoft just made it easier to patch this Bitlocker bypass flaw on Windows

    Date:
    Fri, 17 Mar 2023 14:00:44 +0000

    Description:
    Microsoft just released a script to help IT teams fix a BitLocker bypass security flaw found in the Windows Recovery Environment

    FULL STORY ======================================================================

    Microsoft has published a Powershell script to help IT teams fix a BitLocker bypass security flaw found in the Windows Recovery Environment (WinRE), simplifying the process of securing WinRE images.

    Per BleepingComputer , the flaw, tracked as CVE-2022-41099, allows threat actors to bypass the BitLocker Device Encryption feature, and gain access to encrypted data in low-complexity attacks.

    The caveat is that the attackers need to have physical access to the target endpoints. Furthermore, if the user enabled BitLocker TPM and has PIN protection, the vulnerability cannot be exploited. Thats why the flaw has a severity score of 4.6 - medium. Two available versions

    "The sample PowerShell script was developed by the Microsoft product team to help automate the updating of WinRE images on Windows 10 and Windows 11 devices," Microsoft said.

    "Run the script with Administrator credentials in PowerShell on the affected devices. There are two scripts availablewhich script you should use depends
    on the version of Windows you are running."

    One script is for systems running on Windows 10 2004 and later (Windows 11 included), while the other is for Windows 10 1909 and earlier (it will still run on all Windows 10 and Windows 11 systems, the company added).

    The vulnerability was first discovered in November 2022. Back then, Microsoft added a fix to the November Patch Tuesday cumulative update, listing it as an important update, but not critical. Read more

    Microsoft's latest Patch Tuesday is here - fixes numerous flaws, some
    'critical'


    The first Microsoft Patch Tuesday of 2023 includes some rather important
    fixes


    Check out the best endpoint protection services around

    When running the script in Powershell, admins can choose a path and a name
    for the Safe OS Dynamic update package.

    The packages are unique to the version of the OS being patched, as well as to the chip architecture. Therefore, IT teams need to download the right one
    from the Microsoft Update Catalog in advance. These are the best malware removal tools at the moment



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-just-made-it-easier-to-patch-this-bit locker-bypass-flaw-on-windows


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)