Microsoft has released a script that makes it simpler to remediate a BitLocker bypass security flaw in the Windows Recovery Environment (WinRE). Attackers can use the vulnerability, CVE-2022-41099, to circumvent the BitLocker Device Encryption feature on system storage devices. The PowerShell script makes it easier to protect WinRE images against such attacks. By successfully exploiting the flaw, threat actors with physical access can reach encrypted data in simple attacks. According to Microsoft, the vulnerability cannot be exploited if the user has BitLocker TPM+PIN protection activated.
"The sample PowerShell script was developed by the Microsoft product team to help automate the updating of WinRE images on Windows 10 and Windows 11 devices," Microsoft said in a support document published on support.microsoft.com. "Run the script with Administrator credentials in PowerShell on the affected devices. There are two scripts available—which script you should use depends on the version of Windows you are running."
PatchWinREScript_2004plus.ps1 is the recommended script version; it aids in installing the security updates on computers running Windows 10 version 2004 and later (including Windows 11). For Windows 10 version 1909 and earlier, the alternate PowerShell script (PatchWinREScript_General.ps1) should be used. It will run on all Windows 10 and Windows 11 systems, but it is less reliable.
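The following read-only check is an added example, not Microsoft's script and not part of the original post. It reports which of the two scripts applies to a device, whether WinRE is enabled, and whether the OS volume has a TPM+PIN protector. It assumes that Windows 10 version 2004 corresponds to build 19041 and that `reagentc` output is in English.

```powershell
#Requires -RunAsAdministrator
# Added example: reports the device state relevant to CVE-2022-41099.
# It only reads configuration; it does not modify WinRE or BitLocker.

# Assumption: Windows 10 version 2004 is build 19041, so any build at or
# above that value (including Windows 11) takes the recommended script.
$build = [int](Get-CimInstance -ClassName Win32_OperatingSystem).BuildNumber
$applicableScript = if ($build -ge 19041) {
    'PatchWinREScript_2004plus.ps1'
} else {
    'PatchWinREScript_General.ps1'
}

# reagentc.exe /info prints the WinRE status and image location.
# Assumption: the match below relies on English-language output.
$reagentInfo  = (& reagentc.exe /info) -join "`n"
$winreEnabled = $reagentInfo -match 'Windows RE status:\s+Enabled'

# Key protectors on the OS volume. Per Microsoft's statement quoted in the
# article, TPM+PIN protection prevents exploitation of the flaw.
$volume     = Get-BitLockerVolume -MountPoint $env:SystemDrive
$protectors = @($volume.KeyProtector |
    ForEach-Object { $_.KeyProtectorType.ToString() })
$hasTpmPin  = $protectors -contains 'TpmPin'

[pscustomobject]@{
    Build             = $build
    ApplicableScript  = $applicableScript
    WinREEnabled      = $winreEnabled
    BitLockerStatus   = $volume.ProtectionStatus
    KeyProtectors     = $protectors -join ', '
    TpmPinConfigured  = $hasTpmPin
}
```

A device that shows `WinREEnabled = True`, BitLocker protection on, and `TpmPinConfigured = False` is the case the article describes and should be prioritised for the WinRE update.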
Beringer Technology Group can help your team navigate the ever-changing cybersecurity landscape. Reach out to Beringer Technology Group today. We can help evaluate your current cybersecurity posture with our Cyber Security Risk Assessment Solution, and implement the right security solutions for your organization.
Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution, also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.