Microsoft has disabled a repair for a BitLocker safety characteristic bypass vulnerability because of firmware incompatibility points that had been inflicting patched Home windows gadgets to enter BitLocker restoration mode.
Tracked as CVE-2024-38058, this necessary severity safety flaw can let attackers bypass the BitLocker Gadget Encryption characteristic and entry encrypted information with bodily entry to the focused machine.
“When customers applied the fix for this vulnerability to their devices, we received feedback about firmware incompatibility issues that were causing BitLocker to go into recovery mode on some devices,” the corporate defined in a Wednesday replace. “As a result, with the release of the August 2024 security updates we are disabling this fix.”
After disabling the repair, Microsoft advises those that need to shield their programs and information towards CVE-2024-38058 assaults to use mitigation measures detailed within the KB5025885 advisory.
Nonetheless, as a substitute of deploying a safety replace, they’re going to now need to undergo a 4-stage process that additionally requires restarting the impacted machine eight occasions. Moreover, Microsoft warns that after making use of the mitigation on gadgets with Safe Boot, they are going to now not be capable to take away it, even after reformatting the disk.
“After the mitigation for this issue is enabled on a device, meaning the mitigations have been applied, it cannot be reverted if you continue to use Secure Boot on that device. Even reformatting of the disk will not remove the revocations if they have already been applied,” the corporate cautions.
“Please be aware of all the possible implications and test thoroughly before you apply the revocations that are outlined in this article to your device.”
Throughout this month’s Patch Tuesday, Redmond additionally fastened a identified subject triggered by July’s Home windows safety updates, which triggered some Home windows gadgets as well into BitLocker restoration.
Whereas this matches the firmware incompatibility points that compelled Microsoft to disable the CVE-2024-38058 repair, the corporate did not present any info on the precise root trigger or the way it addressed it.
Microsoft solely suggested affected clients to put in the newest replace for his or her gadgets “as it contains important improvements and issue resolutions, including this one,” with out linking the bug or its repair to the CVE-2024-38058 vulnerability in any approach.
