Microsoft releases PowerShell scripts (KB5025175) to help address BitLocker vulnerability

Microsoft has published details of PowerShell scripts which the company has designed to help automate updating the Windows Recovery Environment (WinRE) to address a BitLocker security vulnerability.

The security feature bypass vulnerability affects both Windows 10 and Windows 11, and sample scripts are available for different editions of both versions of the operating system.

See also:

• Microsoft is giving free USB drives to Windows 11 users
• Sorry, but it looks as though Microsoft is keeping the Windows 11 taskbar fixed at the bottom of the screen
• Microsoft is rolling out video filters to Microsoft Teams

Tracked as CVE-2022-41099, the issue is described as a BitLocker Security Feature Bypass Vulnerability. While Microsoft's own MRSC listing and the CVE page refer to a vulnerability in the singular, a newly published support document says that the script addresses "the security vulnerabilities" in CVE-2022-41099.

Microsoft says:

The sample PowerShell script was developed by the Microsoft product team to help automate the updating of WinRE images on Windows 10 and Windows 11 devices. Run the script with Administrator credentials in PowerShell on the affected devices

For admins running Windows 10 version 2004 and later or Windows 11, there is the PatchWinREScript_2004plus.ps1 script. This is the option recommended by Microsoft as this script is "more robust but uses features available only on Windows 10, version 2004 and later versions".

The company has also shared the PatchWinREScript_General.ps1 script which Microsoft says is designed for "Windows 10, version 1909 and earlier versions, but executes on all versions of Windows 10 and Windows 11".

Details of the scripts and how to use them can be found here.

Image credit: liorpt / depositphotos