Listen to this articleMicrosoft has printed a Powershell script to assist IT groups repair a BitLocker bypass safety flaw discovered in the Windows Recovery Environment (WinRE), simplifying the method of securing WinRE pictures.
Per BleepingComputer, the flaw, tracked as CVE-2022-41099, permits risk actors to bypass the BitLocker Device Encryption characteristic, and acquire entry to encrypted information in low-complexity assaults.
The caveat is that the attackers must have bodily entry to the goal endpoints. Furthermore, if the user enabled BitLocker TPM and has PIN safety, the vulnerability can’t be exploited. That’s why the flaw has a severity rating of 4.6 – medium.
Two accessible variations
“The sample PowerShell script was developed by the Microsoft product team to help automate the updating of WinRE images on Windows 10 and Windows 11 devices,” Microsoft said.
“Run the script with Administrator credentials in PowerShell on the affected devices. There are two scripts available—which script you should use depends on the version of Windows you are running.”
One script is for programs working on Windows 10 2004 and later (Windows 11 included), whereas the opposite is for Windows 10 1909 and earlier (it’s going to nonetheless run on all Windows 10 and Windows 11 programs, the corporate added).
The vulnerability was first found in November 2022. Back then, Microsoft added a repair to the November Patch Tuesday cumulative update, itemizing it as an “important” update, however not “critical”.
> Microsoft’s newest Patch Tuesday is right here – fixes quite a few flaws, some ‘important’
> The first Microsoft Patch Tuesday of 2023 contains some slightly important fixes
> Check out the most effective endpoint safety providers round
When working the script in Powershell, admins can select a path and a reputation for the Safe OS Dynamic update bundle.
The packages are distinctive to the model of the OS being patched, in addition to to the chip structure. Therefore, IT groups must obtain the right one from the Microsoft Update Catalog in advance.
- These are the most effective malware elimination instruments in the mean time
