Microsoft squashes bug that sent Windows devices to BitLocker recovery
- Reference: 1723646707
- News link: https://www.theregister.co.uk/2024/08/14/microsoft_bitlocker_bug_security_update/
- Source link:
The [1]problem , which affected almost every supported flavor of Windows 11 and Windows 10, as well as editions of Windows Server going back to 2008, occurred after the July 2024 Windows security update was installed.
Microsoft had said at the time, "You are more likely to face this issue if you have the Device Encryption option enabled in Settings under Privacy & Security."
[2]
Entering the BitLocker recovery permitted a Windows device to boot normally, and let's face it - after the [3]CrowdStrike incident , most administrators were very aware of where their recovery keys were.
[4]
[5]
Microsoft has now fixed the problem in the August 13 update. It [6]said , "We recommend you install the latest update for your device as it contains important improvements and issue resolutions, including this one."
BitLocker is a technology that encrypts a user's storage to keep it safe from prying eyes. The technology gained worldwide notoriety in [7]July 2024 after a borked CrowdStrike update sent millions of Windows devices into a neverending blue screen boot loop, the escape from which initially required the entry of a BitLocker recovery key.
[8]
Therefore, the timing of Microsoft's [9]July 2024 security update , which could send some Windows devices into BitLocker recovery, was particularly bad.
[10]Windows Patch Tuesday update might send a user to the BitLocker recovery screen
[11]Giving Windows total recall of everything a user does is a privacy minefield
[12]Windows users left to fend for themselves after BitLocker patch bungle
[13]Raspberry Pi Pico cracks BitLocker in under a minute
BitLocker has caused headaches for administrators and Microsoft's patch team in recent months. A Windows 10 patch [14]earlier this year aimed at addressing a BitLocker bypass vulnerability left users scratching their heads at an unhelpful error message due to the Windows recovery partition not being large enough.
The tech has also been used as part of [15]ransomware by criminals to turn BitLocker against Microsoft's own users.
Ultimately, users should rarely see the BitLocker recovery mode screen unless there have been some hardware updates. It was certainly an unwelcome surprise for those users who were faced with the recovery screen after the borked security update, and one Microsoft claims has been fixed from the August 13 update. ®
Get our [16]Tech Resources
[1] https://www.theregister.com/2024/07/24/windows_update_bitlocker/
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZrzUn@w@hKS-jz6zf6tuGQAAAAo&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://www.theregister.com/2024/07/19/admin_crowdstrike_update_mess/
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZrzUn@w@hKS-jz6zf6tuGQAAAAo&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZrzUn@w@hKS-jz6zf6tuGQAAAAo&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[6] https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-23h2#3358msgdesc
[7] https://www.theregister.com/2024/07/19/azure_vms_ruined_by_crowdstrike/
[8] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZrzUn@w@hKS-jz6zf6tuGQAAAAo&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[9] https://www.theregister.com/2024/07/24/windows_update_bitlocker/
[10] https://www.theregister.com/2024/07/24/windows_update_bitlocker/
[11] https://www.theregister.com/2024/05/22/windows_recall/
[12] https://www.theregister.com/2024/05/03/microsoft_windows_recovery_environment/
[13] https://www.theregister.com/2024/02/07/breaking_bitlocker_pi_pico/
[14] https://www.theregister.com/2024/01/12/microsoft_update_for_bitlocker_vuln/
[15] https://www.theregister.com/2024/05/23/ransomware_abuses_microsoft_bitlocker/
[16] https://whitepapers.theregister.com/
Is it safe...
Is it safe to assume that they've actually tested this patch-to-a-patch? Or am I way too optimistic?
It's A little Late (The Stories Still Running & Crowdstrike Were Advertising On Indeed Last Night).
I'm bored at work & to the tune of Never Ending Story by Limahl.
Crowdstrikes fucked around
Take a look at what I see
on all the users screens
A nightmare of my dreams
Bitlockers everywhere
Became a fucking blight
Finding keys written down
Is the answer to a Neverending bootup
ARGGGHHHHHHHHhhhh
Find the keys
That's not as easy as it seems
Swear a lot
It's Friday & now it's half past 3
Drives that keep their secrets
Files weren't uploaded to the cloud
And somewhere there's a envelope
With the answer to a Neverending bootup
ARGGGHHHHHHHHhhhh
Boootup
ARGGGHHHHHHHHhhhh
Got no beer
its midnight, the issues not gone away
In your hand
yet another badly scribbled key
Drives that keep their secrets
Files that weren't uploaded to the cloud
And somewhere there's a envelope
with the answer to a Neverending bootup
ARGGGHHHHHHHHhhhh
Neverending bootup
ARGGGHHHHHHHHhhhh
Neverending bootup
ARGGGHHHHHHHHhhhh
Neverending bootup
ARGGGHHHHHHHHhhhh
Neverending bootup
"encrypts a user's storage to keep it safe from prying eyes"
Kinda-sorta?
It prevents someone without the key being able to decrypt it when powered off, e.g. by connecting to a different machine.
Once it's booted, it's decrypted and anything running on the machine can read anything e.g. malware