BitLocker Security Feature Bypass Vulnerability
Key Information
- Vendor
- Microsoft
- Status
- Windows 10 Version 1809
- Windows Server 2019
- Windows Server 2019 (server Core Installation)
- Windows Server 2022
- Vendor
- CVE Published:
- 9 January 2024
Badges
Summary
BitLocker Security Feature Bypass Vulnerability
Affected Version(s)
Windows 10 Version 1809 < 10.0.17763.5329
Windows Server 2019 < 10.0.17763.5329
Windows Server 2019 (Server Core installation) < 10.0.17763.5329
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Techzine Europe CVE-2024-20666Microsoft patches BitLocker workaround for Windows 10 systems
Microsoft has patched a BitLocker workaround using a PowerShell script. This vulnerability allowed hackers to gain access to encrypted data in Windows 10
8 months ago
Microsoft、「BitLocker」の脆弱性「CVE-2024-20666」へ対処するスクリプトを公開/アップデート展開の自動化に役立つ「PowerShell」サンプルスクリプト
同社のサポートサイト 「BitLocker」のセキュリティ機能がバイパスされてしまう脆弱性「CVE-2024-20666」に対処するため、「Windows 回復環境」(WinRE)の更新を自動化する「PowerShell」サンプルスクリプトが、米Microsoftのサポートページで公開された。 ...
8 months ago
Microsoft shares script to update Windows 10 WinRE with BitLocker fixes
Microsoft has released a PowerShell script to automate updating the Windows Recovery Environment (WinRE) partition in order to fix CVE-2024-20666, a vulnerability that allowed for BitLocker encryption bypass.
8 months ago
CVSS V3.1
Timeline
- 👾
Exploit exists.
Vulnerability started trending.
First article discovered by Neowin
Vulnerability published.
Vulnerability Reserved.