Microsoft pushes out PowerShell scripts to fix BitLocker bypass

Microsoft has fixed a vulnerability in the Windows Recovery Environment (WinRE) for Windows 10 and 11 systems that could allow access to encrypted data in storage devices.

Redmond engineers created a sample PowerShell script to enable enterprises to automatically update WinRE images to protect the Windows devices from a BitLocker security bypass vulnerability tracked as CVE-2022-41099.

There are two versions of the script (KB5025175), which should be run with administrator credentials in PowerShell, the company writes. The more robust version – PatchWinREScript_2004plus.ps1 – is for devices running Windows 10 2004 and later, including Windows 11. The other – PatchWinREScript_General.ps1 – is aimed at those with Windows 10 v1909 and earlier.

Microsoft released an advisory about the vulnerability in November 2022 and updated the notice in February.

It's not easy for attackers to exploit the flaw, according to Microsoft. If the device is protected by the BitLocker TPM+PIN, the crooks would ...