News Hacker demonstrates the supposedly-patched Windows 11 BitLocker is still vulnerable to hackers — default encryption can be overcome with network ac...

"requires physical access"

again if a bad actor has physical access you have larger issues.
Not quite in this case. The difference here is, if a bad actor steals a laptop, they could not copy the data off a drive due to the encryption. If this hack is real, a stolen laptop makes the data gettable.
"requires physical access"

again if a bad actor has physical access you have larger issues.
In most jurisdictions BitLocker changes a stolen laptop with PII from an obligatory, publicly reported data breach to a non-event, and frankly that's all most companies really care about. Sadly, real security takes a back seat to legal liability.
It should be noted that the TPM transmits data serially and the signal is possible to sniff if you have physical access. This attack is an easier way to achieve the same result. MS has been pretty open about this potential vulnerability and states it clearly on the main BitLocker page. Using PIN + TPM is effective in stopping all these types of attacks. Again, this is stated on the BitLocker page. Recovering the TPM and brute-forcing the PIN is still possible, but in my opinion puts this in the realm of a different class of adversary.
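An added defender-side check, written for this thread and not taken from any poster or from Microsoft: it audits which key protector each BitLocker volume uses, flags volumes that rely on the TPM alone, and moves one to TPM + PIN as suggested above. It assumes an elevated PowerShell session with the BitLocker module, an existing recovery-password protector, and the standard FVE policy values (UseAdvancedStartup, UseTPMPIN) being the ones that gate PIN use.

```powershell
# Added example (not from the thread). Assumes an elevated session with the
# BitLocker module available. Reports each volume's protector types and
# whether it is protected by the TPM alone, the case the attack discussed
# above targets, as opposed to TPM + PIN / startup key.
function Get-BitLockerAuditReport {
    foreach ($vol in Get-BitLockerVolume) {
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
        $preBoot = @('TpmPin', 'TpmStartupKey', 'TpmPinStartupKey')
        $tpmOnly = ($types -contains 'Tpm') -and
                   -not ($preBoot | Where-Object { $types -contains $_ })
        [pscustomobject]@{
            MountPoint       = $vol.MountPoint
            ProtectionStatus = $vol.ProtectionStatus
            VolumeStatus     = $vol.VolumeStatus
            Protectors       = ($types -join ', ')
            TpmOnly          = [bool]$tpmOnly
        }
    }
}

# The "Require additional authentication at startup" policy must permit a PIN,
# otherwise Add-BitLockerKeyProtector -TpmAndPinProtector is refused.
# UseTPMPIN: 0 = do not allow, 1 = required, 2 = allowed (assumed semantics).
function Test-TpmPinPolicyAllowed {
    $fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    if (-not (Test-Path $fve)) { return $false }
    $p = Get-ItemProperty -Path $fve -ErrorAction SilentlyContinue
    return ($p.UseAdvancedStartup -eq 1) -and ($p.UseTPMPIN -in 1, 2)
}

# Adds a TPM + PIN protector and drops any leftover TPM-only protector so
# that pre-boot authentication is actually enforced for the volume.
function Set-TpmPinProtector {
    param([string]$MountPoint = 'C:')
    $pin = Read-Host -AsSecureString -Prompt "New startup PIN for $MountPoint"
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $pin
    (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
        Where-Object { $_.KeyProtectorType -eq 'Tpm' } |
        ForEach-Object {
            Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $_.KeyProtectorId
        }
}

$audit = Get-BitLockerAuditReport
$audit | Format-Table -AutoSize
if (($audit | Where-Object TpmOnly) -and -not (Test-TpmPinPolicyAllowed)) {
    Write-Warning 'TPM-only volumes found but policy does not allow a startup PIN; set UseAdvancedStartup=1 and UseTPMPIN=2 (or the equivalent GPO) before calling Set-TpmPinProtector.'
}
```

Run the audit first; call Set-TpmPinProtector only for volumes reported as TpmOnly once the policy check passes.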
And my main Win 11 Pro system upgraded to 24H2 a few weeks ago, and remains BL free.
BL enable is the default condition unless it's blocked. Upgrade to 24H2 when logged in with a MS online account (required for key backup), and it will be enabled. Upgrade with a local (offline) account from computer with BL disabled and it won't be automatically enabled.

A fresh install of 24H2 enables BitLocker by default at the OOBE stage. Also now for the first time with Home edition.

I can't think of any OEM system (Dell, HP, etc.) in recent years that doesn't ship with BitLocker pre-enabled.
Upgrade to 24H2 when logged in with a MS online account (required for key backup), and it will be enabled. Upgrade with a local (offline) account from computer with BL disabled and it won't be automatically enabled.
And therein is the difference.

All local account, unless absolutely required to log in with the MS account.