windows

Microsoft Patches Windows to Eliminate Secure Boot Bypass Threat

Microsoft patched a Secure Boot vulnerability (CVE-2024-7344) that allowed attackers with privileged access to bypass protections and load malicious firmware. This threat persisted for over seven months and affected various recovery software. While Microsoft removed the vulnerable digital signatures in a recent update, it remains unclear if Linux systems were also impacted. Concerns have been raised about the safety of third-party UEFI apps.

https://arstechnica.com/security/2025/01/microsoft-patches-windows-to-eliminate-secure-boot-bypass-threat/

Windows 11 BitLocker Encryption Bypassed to Extract Volume Encryption Keys

Researchers have bypassed Windows 11's BitLocker encryption, extracting Full Volume Encryption Keys (FVEKs) from RAM during physical access attacks. The weakness is that memory contents captured while the system is operating can contain the keys, which allows them to be retrieved. Techniques such as maintaining power to RAM are used to prevent data loss during the attack. Secure Boot, while protective, has known bypass methods. Key extraction involves creating a bootable USB, restarting the system, and analyzing memory dumps for sensitive data. Despite Microsoft's security measures, residual keys can remain in memory, which underscores that no encryption is entirely secure against physical access. Users should enhance hardware security, and organizations should improve physical access controls.
