• Can my Non OS Bitlocker Drives Be accessed using Windows Recovery Environment ?

    #2644649

    I have gone through the forums regarding KB5034441. I am not sure I understand much of it but here is my situation:

    I have a PC with W10 OS not encrypted with BitLocker.

    I have 3 additional SSD/HDDs on that same PC that are all encrypted with BitLocker.

    I have tried but cannot install update KB5034441. (last tried earlier today)

    My Recovery partition is 500 MB. It is the first partition. I think I would probably mess things up if I tried to use partition software. Therefore I am waiting for MS to fix this issue in another update.

    Can my non-OS BitLocker drives be accessed by someone with no key/password by using Windows Recovery Environment?

    • #2644732

      No.

       

    • #2645349

      I would have expected the answer to be “possibly”.

      ONG, can you elaborate?

      cheers, Paul

      1 user thanked author for this post.
    • #2645396

      I went to WRE on the PC I mentioned. I tried to find a way to access one of my BitLocker drives without a password/key. I could not do it. Of course this does not mean it can’t be done. (My knowledge in this area is very limited.)

      I went as far as trying to use an image (created by Windows Back Up) that resides on one of my BitLocker encrypted drives to “recover” the PC. The PC rebooted but could not find the image. You would assume from this that the BitLocker encrypted image could not be accessed. This is one experiment performed by a “tech limited” user.

      I found this webpage: https://security.stackexchange.com/questions/267720/why-when-does-patching-cve-2022-41099-bitlocker-bypass-require-extra-steps

      It seems to me that they think even if you update to patch the vulnerability it is meaningless. Reason being that a hacker can leave one of their PCs unpatched, so if they get hold of a BitLocker encrypted drive they can access it from their unpatched PC using WRE. This leads me to believe that BitLocker now has a vulnerability that can never be totally patched.

      It might be time to use a non-MS method of encryption.

       

      • #2645426

        I found this webpage: https://security.stackexchange.com/questions/267720/why-when-does-patching-cve-2022-41099-bitlocker-bypass-require-extra-steps

        It seems to me that they think even if you update to patch the vulnerability it is meaningless. Reason being that a hacker can leave one of their PCs unpatched, so if they get hold of a BitLocker encrypted drive they can access it from their unpatched PC using WRE. This leads me to believe that BitLocker now has a vulnerability that can never be totally patched.

        It might be time to use a non-MS method of encryption.

        Interesting theory.

        But Microsoft has always said that to be truly secure BitLocker needs more than just TPM-only authentication. MS also said that this CVE flaw cannot be exploited if a pre-boot PIN is used, which is why I added one after first reading about it.

        1 user thanked author for this post.
        • #2645877

          References here:

          TPM-only: … This option is more convenient for sign-in but less secure than the other options, which require an additional authentication factor

          Preboot authentication

          If TPM+PIN BitLocker protectors are being used, can the vulnerability be exploited if the attacker does not know the TPM PIN?

          No. To exploit the vulnerability the attacker needs to know the TPM PIN if the user is protected by the BitLocker TPM+PIN.

          CVE-2024-20666 FAQ

          1 user thanked author for this post.
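
To see which of the protector types named in the references above apply to each volume on a PC, the following added example (not from the thread or from Microsoft) classifies the output of Get-BitLockerVolume. The function name Get-ProtectorAssessment and the sample volumes are constructed for illustration.

```powershell
# Added example: classify BitLocker volumes by their key protectors.
function Get-ProtectorAssessment {
    param([Parameter(ValueFromPipeline)] $Volume)
    process {
        # Cast to string so live enum values and the constructed sample both work.
        $types = @($Volume.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
        $isOs  = [string]$Volume.VolumeType -eq 'OperatingSystem'
        $finding = if ([string]$Volume.ProtectionStatus -ne 'On') {
            'BitLocker protection is off (unencrypted or suspended)'
        } elseif ($isOs -and ($types -match '^Tpm(Pin|StartupKey|PinStartupKey)$')) {
            'TPM plus a pre-boot factor'
        } elseif ($isOs -and ($types -contains 'Tpm')) {
            'TPM-only: no pre-boot authentication'
        } elseif ($isOs) {
            'No TPM protector: password or startup key'
        } elseif ($Volume.AutoUnlockEnabled) {
            'Data volume auto-unlocks using a key stored on the OS volume'
        } else {
            'Data volume needs its own password or key to unlock'
        }
        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            VolumeType = [string]$Volume.VolumeType
            Protectors = $types -join ', '
            Finding    = $finding
        }
    }
}

# Constructed sample shaped like Get-BitLockerVolume output (not real data).
function New-SampleVolume($Mount, $Type, $Status, $AutoUnlock, [string[]]$Protectors) {
    [pscustomobject]@{
        MountPoint = $Mount; VolumeType = $Type; ProtectionStatus = $Status
        AutoUnlockEnabled = $AutoUnlock
        KeyProtector = @($Protectors | ForEach-Object {
            [pscustomobject]@{ KeyProtectorType = $_ } })
    }
}
$sample = @(
    New-SampleVolume 'C:' 'OperatingSystem' 'Off' $null @()
    New-SampleVolume 'D:' 'Data' 'On' $false @('Password', 'RecoveryPassword')
    New-SampleVolume 'X:' 'OperatingSystem' 'On' $null @('Tpm', 'RecoveryPassword')
    New-SampleVolume 'Y:' 'OperatingSystem' 'On' $null @('TpmPin', 'RecoveryPassword')
)
$sample | Get-ProtectorAssessment | Format-Table -AutoSize

# On a real PC, from an elevated prompt:
#   Get-BitLockerVolume | Get-ProtectorAssessment | Format-Table -AutoSize
```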
    • #2646601

      I am using a PIN on all BitLocker encryption.

      Thanks all for the replies.

      1 user thanked author for this post.