Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
This week at the Chaos Computer Club’s (CCC) annual Chaos Communication Conference, hacker Thomas Lambertz presented “Windows BitLocker: Installed without a screwdriver,” which details how users can circumvent BitLocker encryption and access protected data. Although the previously reported bug, CVE-2023-21563, has been fixed, it can still be exploited in current versions of Windows with only one-time physical access to the device and a network connection. The attack does not require unlocking the computer or gaining hours of access, as other drive decryption exploits do (h/t Haze).
This attack falls within the category of “bitpixie” attacks that have been well documented since mid-2022. While this specific bug was technically fixed via updates in November 2022, this attack shows that the fix is, unfortunately, only surface-level. By using Secure Boot to start an old Windows bootloader that extracts the encryption key into memory, and then using Linux to retrieve the contents of memory and find the BitLocker key, an updated version of Windows 11 can still be attacked effectively as if it had never been updated to handle bitpixie attacks at all.
Microsoft’s attempt to fix this issue was not enough, due to UEFI firmware storage space limitations. Current estimates for new Secure Boot certificates are as far off as 2026. In the meantime, users can only protect themselves by backing BitLocker with their own PIN or disabling network access in the BIOS. Thomas Lambertz warned that even a simple USB network adapter may be enough to carry out this attack.
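One way to check the PIN mitigation mentioned above on a given machine, as an added example that is not from the talk or from Microsoft. It uses the built-in `Get-BitLockerVolume` cmdlet; the function name `Get-PreBootAuthStatus` and the status labels are assumptions of this example, and it does not inspect the firmware network-boot setting.

```powershell
#Requires -RunAsAdministrator
# Added example: report whether each BitLocker-protected OS volume can unlock
# from the TPM alone (no PIN), which is the configuration the article warns about.

function Get-PreBootAuthStatus {
    param([Parameter(Mandatory)] $Volume)

    # Key protector types present on this volume, as strings (e.g. 'Tpm', 'TpmPin').
    $types = @($Volume.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    # Hypothetical status labels used only by this example.
    if ($Volume.ProtectionStatus.ToString() -ne 'On') {
        $status = 'ProtectionOff'        # key is not protected at all right now
    } elseif ($types -contains 'Tpm') {
        $status = 'TpmOnly'              # unlocks at boot without user input
    } elseif ($types | Where-Object { $_ -in 'TpmPin', 'TpmPinStartupKey' }) {
        $status = 'TpmWithPin'           # PIN required before the key is released
    } else {
        $status = 'OtherProtector'       # e.g. startup key or password; review manually
    }

    [pscustomobject]@{
        MountPoint = $Volume.MountPoint
        Protectors = ($types -join ', ')
        Status     = $status
    }
}

# Only the operating system volume is unlocked by the boot path described above.
Get-BitLockerVolume |
    Where-Object { $_.VolumeType.ToString() -eq 'OperatingSystem' } |
    ForEach-Object { Get-PreBootAuthStatus -Volume $_ } |
    Format-Table -AutoSize
```

A `TpmOnly` result means the volume key is released automatically during boot, so the PIN mitigation is not in place on that machine.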
This is unlikely to be a big problem for the everyday user, who is unlikely to have people on site trying to decrypt BitLocker-protected drives. However, for corporate, enterprise, and government environments where cybersecurity is paramount, the fact that full BitLocker decryption is still possible with just a single instance of PC access and a USB network adapter is certainly a cause for concern.
CCC is the European Union’s largest association of hackers and cybersecurity brokers. For those who are hungry for more information and have at least 56 minutes to spare, we recommend watching the full “Windows BitLocker: Installed without a screwdriver” presentation, which was uploaded this morning to the CCC Media Center. The entire talk is in English, unlike previous existing coverage. It provides detailed technical information about how the existing vulnerabilities work and why they are so difficult to fix.