Friends don't let friends perform unattended updates ... or BitLocker be broken
Subject: General Tech | November 30, 2016 - 02:10 PM | Jeremy Hellstrom
Tagged: bitlocker, microsoft, windows 10, security, hack
Is BitLocker cramping your voyeuristic cravings and preventing you from snooping on your loved ones or strangers? Assuming you do not instead seek medical help for your problem, all you need to do is wait for Windows to perform a version update and for the user to get bored and walk away. Hop onto their machine and press SHIFT+F10 to get a command prompt running with SYSTEM privileges, the Windows equivalent of root, and take advantage of the fact that Windows disables BitLocker while installing an updated version of Windows. This will not work for all updates; it needs to be a major OS update, such as the move to Anniversary Edition, which changes the version of Windows installed on the machine.
Microsoft is working on a fix. In the meantime, sticking with Windows Long Term Service Branch or slightly modifying how updates are pushed via WSUS or SCCM will ensure this vulnerability cannot be leveraged. You can also take the simple measure of sticking around when major updates occur. Pop over to Slashdot for more information.
"'This [update procedure] has a feature for troubleshooting that allows you to press SHIFT + F10 to get a Command Prompt,' Laiho writes on his blog. 'The real issue here is the Elevation of Privilege that takes a non-admin to SYSTEM (the root of Windows) even on a BitLocker (Microsoft's hard disk encryption) protected machine.' Laiho informed Microsoft of the issue and the company is apparently working on a fix."
Here is some more Tech News from around the web:
- Internet Archive preps Canadian safe haven to avoid Donald Trump @ The Register
- Intel, Nvidia ready to unveil new platforms for CES 2017 @ DigiTimes
- Mozilla rushes to patch active Firefox zero-day targeting Tor users @ The Inquirer
- GoPro woes continue as the company cuts 15 percent of workforce @ Ars Technica
- Student clusterers blow off steam with VR space shooter at SUSE booth @ The Register
- More Than 1 Million Android Devices Rooted By Gooligan Malware @ Slashdot
- Remote Logging With Syslog, Part 1: The Basics @ Linux.com
- Guru3D Contest 2016: Win a Limited Edition Corsair RM1000i PSU