Windows 10 bug lets unauthorised users bypass BitLocker during updates


Windows 10 has a small security issue. According to security researcher Sami Laiho, Windows 10 allows unauthorized users bypass BitLocker and access the hard disk during the upgrade process in the Windows Preinstallation Environment. When an update is installing, users can simply hit SHIFT + F10 to open up Command Prompt — and from there, they can access the hard disk and bypass BitLocker without having to do anything else. In the video below, Sami has demonstrated the issue:

YouTube player

According to Sami, this bug affects Windows 10 Version 1511 and 1607 (November Update and Anniversary Update). Additionally, the bug is also affecting the latest Insider builds released by October 2016. Thankfully though, Microsoft is working on fixing this weird bug in the OS which is reassuring. But of course, this issue isn’t really a huge threat as the attacker will need physical access to your computer to be able to take advantage of this bug.