Microsoft has printed a Powershell script to assist IT groups repair a BitLocker bypass safety flaw discovered within the Home windows Restoration Setting (WinRE), simplifying the method of securing WinRE pictures.
Per BleepingComputer (opens in new tab), the flaw, tracked as CVE-2022-41099, permits menace actors to bypass the BitLocker System Encryption function, and acquire entry to encrypted information (opens in new tab) in low-complexity assaults.
The caveat is that the attackers have to have bodily entry to the goal endpoints. Moreover, if the person enabled BitLocker TPM and has PIN safety, the vulnerability can’t be exploited. That’s why the flaw has a severity rating of 4.6 – medium.
Two accessible variations
“The pattern PowerShell script was developed by the Microsoft product group to assist automate the updating of WinRE pictures on Home windows 10 and Home windows 11 gadgets,” Microsoft stated.
“Run the script with Administrator credentials in PowerShell on the affected gadgets. There are two scripts accessible—which script it is best to use relies on the model of Home windows you might be operating.”
One script is for programs operating on Home windows 10 2004 and later (Home windows 11 included), whereas the opposite is for Home windows 10 1909 and earlier (it should nonetheless run on all Home windows 10 and Home windows 11 programs, the corporate added).
The vulnerability was first found in November 2022. Again then, Microsoft added a repair to the November Patch Tuesday cumulative replace, itemizing it as an “vital” replace, however not “important”.
When operating the script in Powershell, admins can select a path and a reputation for the Protected OS Dynamic replace package deal.
The packages are distinctive to the model of the OS being patched, in addition to to the chip structure. Subsequently, IT groups have to obtain the best one from the Microsoft Replace Catalog upfront.