Microsoft has published a Powershell script to help IT teams fix a BitLocker bypass security flaw found in the Windows Recovery Environment (WinRE), simplifying the process of securing WinRE images. Per BleepingComputer (opens in new tab), the flaw, tracked as CVE-2022-41099, allows threat actors to bypass the BitLocker Device Encryption feature, and gain access to encrypted data (opens in new tab) in low-complexity attacks. The caveat is that the attackers need to have physical access to the target endpoints. Furthermore, if
…
Read more