Microsoft Releases PowerShell Scripts to Fix WinRE BitLocker Flaw on Windows 11 and 10


Microsoft has released new PowerShell scripts to address a BitLocker security vulnerability on Windows PCs. The PowerShell scripts are designed to automate the Windows Recovery Environment (WinRE) update process on Windows 11 and Windows 10.

BitLocker is a built-in security feature that helps users to protect data stored on their computers from unauthorized access. Once enabled, the feature requires a password or a smartcard to decrypt the entire disk or individual files or folders. BitLocker protection is particularly useful to protect sensitive data on portable devices like USB drives and Windows laptops.

Microsoft confirmed the BitLocker vulnerability (CVE-2022-41099) back in November 2022. It enables threat actors to bypass the BitLocker encryption protection to access sensitive information on vulnerable Windows devices. Microsoft released a security update to address the security flaw in January this year. However, IT admins had to manually install the update into the Windows Recovery Environment.

How to use the PowerShell scripts to address the BitLocker bypass vulnerability

Microsoft explained that the new PowerShell scripts should help administrators to automatically update WinRE images on both operating systems. The company says that IT Pros will need to run these scripts with administrative privileges to protect affected devices against cyberattacks.

Microsoft recommends that enterprise admins install the PatchWinREScript_2004plus.ps1 script on Windows 11 and Windows 10 version 2004 and newer. The company emphasized that this script is comparatively more robust than the second script.

Additionally, the PatchWinREScript_General.ps1 script is designed mainly for Windows 10 version 1909 or earlier, but it can also run on Windows 11. If you’re interested, you can check out this support page to learn more about using the PowerShell scripts to update WinRE images on Windows PCs.
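
A pre-flight check to run before either script, as an added example that is not Microsoft's code: it confirms the session is elevated, picks the script name from the OS build (19041 is Windows 10 version 2004), and reports WinRE and BitLocker state for the device. The function names are hypothetical, and the reagentc parsing assumes English-language output.

```powershell
# Added example, not one of Microsoft's scripts. Function names are hypothetical.
function Get-WinREPatchScriptName {
    param([Parameter(Mandatory)][int]$BuildNumber)
    # Build 19041 = Windows 10 version 2004; Windows 11 builds start at 22000.
    if ($BuildNumber -ge 19041) { 'PatchWinREScript_2004plus.ps1' }
    else                        { 'PatchWinREScript_General.ps1' }
}

function Test-IsElevated {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    ([Security.Principal.WindowsPrincipal]$id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-WinREPreflight {
    # Both scripts must run with administrative privileges, and so must reagentc.
    if (-not (Test-IsElevated)) {
        throw 'Run this from an elevated PowerShell session.'
    }
    $build = [int](Get-CimInstance -ClassName Win32_OperatingSystem).BuildNumber

    # Assumption: English reagentc output ("Windows RE status: Enabled").
    $info = (& reagentc.exe /info 2>&1 | Out-String)
    $winreEnabled = $info -match 'Windows RE status:\s+Enabled'

    # BitLocker state of the OS volume; stays $null if the cmdlet is not present.
    $bl = $null
    if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
        $bl = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction SilentlyContinue
    }

    [pscustomobject]@{
        ComputerName    = $env:COMPUTERNAME
        OSBuild         = $build
        ScriptToRun     = Get-WinREPatchScriptName -BuildNumber $build
        WinREEnabled    = $winreEnabled
        BitLockerStatus = if ($bl) { "$($bl.ProtectionStatus)" } else { 'Unknown' }
    }
}

Get-WinREPreflight | Format-List
```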