Windows 10 bug lets unauthorised users bypass BitLocker during updates

Reading time icon 1 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

chrome_2016-12-01_12-10-37

Windows 10 has a small security issue. According to security researcher Sami Laiho, Windows 10 allows unauthorized users bypass BitLocker and access the hard disk during the upgrade process in the Windows Preinstallation Environment. When an update is installing, users can simply hit SHIFT + F10 to open up Command Prompt — and from there, they can access the hard disk and bypass BitLocker without having to do anything else. In the video below, Sami has demonstrated the issue:

https://www.youtube.com/watch?v=PS5BzcP5R5o

According to Sami, this bug affects Windows 10 Version 1511 and 1607 (November Update and Anniversary Update). Additionally, the bug is also affecting the latest Insider builds released by October 2016. Thankfully though, Microsoft is working on fixing this weird bug in the OS which is reassuring. But of course, this issue isn’t really a huge threat as the attacker will need physical access to your computer to be able to take advantage of this bug.

User forum

0 messages