Thursday, 12 November 2015

Windows BitLocker Decryption Leak Made Possible


A vulnerability in Windows that Microsoft patched this month made it possible in certain circumstances for attackers to hard disks that were encrypted with BitLocker to decrypt. BitLocker encryption software from Microsoft which is present on certain versions of Windows.

To gain access to encrypted hard drives, there are several options, such as using a PIN, USB key, or Trusted Platform Module (TPM). On Windows, however, found himself a vulnerability through which an attacker could bypass Kerberos authentication and attacked computers could decrypt hard disks encrypted with BitLocker.

In the case of the now-remedied vulnerabilities an attacker could abuse it here only if the attacked system without BitLocker PIN or USB key used, the computer was located and the attacker had physical access to the machine in a domain. According to Microsoft, there are no known cases in which the vulnerability is actually attacked. In order to solve the problem is Microsoft Security Bulletin MS15-122 appeared.

1 comment:

  1. I've just come across another similar case.

    https://cybermatters.info/2016/08/08/windows-10-anniversary-update-bitlocker-bypass-warning/

    ReplyDelete