Microsoft releases PowerShell scripts (KB5025175) to help address BitLocker vulnerability

Microsoft mirror building logo

Microsoft has published details of PowerShell scripts which the company has designed to help automate updating the Windows Recovery Environment (WinRE) to address a BitLocker security vulnerability.

The security feature bypass vulnerability affects both Windows 10 and Windows 11, and sample scripts are available for different editions of both versions of the operating system.

See also:

Advertisement

Tracked as CVE-2022-41099, the issue is described as a BitLocker Security Feature Bypass Vulnerability. While Microsoft's own MRSC listing and the CVE page refer to a vulnerability in the singular, a newly published support document says that the script addresses "the security vulnerabilities" in CVE-2022-41099.

Microsoft says:

The sample PowerShell script was developed by the Microsoft product team to help automate the updating of WinRE images on Windows 10 and Windows 11 devices. Run the script with Administrator credentials in PowerShell on the affected devices

For admins running Windows 10 version 2004 and later or Windows 11, there is the PatchWinREScript_2004plus.ps1 script. This is the option recommended by Microsoft as this script is "more robust but uses features available only on Windows 10, version 2004 and later versions".

The company has also shared the PatchWinREScript_General.ps1 script which Microsoft says is designed for "Windows 10, version 1909 and earlier versions, but executes on all versions of Windows 10 and Windows 11".

Details of the scripts and how to use them can be found here.

Image credit: liorpt / depositphotos

Comments are closed.

© 1998-2023 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.