Microsoft has revealed a Powershell script to assist IT groups repair a BitLocker bypass safety flaw discovered within the Home windows Restoration Setting (WinRE), simplifying the method of securing WinRE photos.
Per BleepingComputer (opens in new tab), the flaw, tracked as CVE-2022-41099, permits menace actors to bypass the BitLocker Gadget Encryption characteristic, and acquire entry to encrypted data (opens in new tab) in low-complexity assaults.
The caveat is that the attackers must have bodily entry to the goal endpoints. Moreover, if the consumer enabled BitLocker TPM and has PIN safety, the vulnerability can’t be exploited. That’s why the flaw has a severity rating of 4.6 – medium.
Two obtainable variations
“The pattern PowerShell script was developed by the Microsoft product workforce to assist automate the updating of WinRE photos on Home windows 10 and Home windows 11 gadgets,” Microsoft stated.
“Run the script with Administrator credentials in PowerShell on the affected gadgets. There are two scripts obtainable—which script it’s best to use is determined by the model of Home windows you’re operating.”
One script is for techniques operating on Home windows 10 2004 and later (Home windows 11 included), whereas the opposite is for Home windows 10 1909 and earlier (it’s going to nonetheless run on all Home windows 10 and Home windows 11 techniques, the corporate added).
The vulnerability was first found in November 2022. Again then, Microsoft added a repair to the November Patch Tuesday cumulative replace, itemizing it as an “vital” replace, however not “essential”.
When operating the script in Powershell, admins can select a path and a reputation for the Secure OS Dynamic replace package deal.
The packages are distinctive to the model of the OS being patched, in addition to to the chip structure. Subsequently, IT groups must obtain the precise one from the Microsoft Replace Catalog prematurely.