Summary
Microsoft is dealing with multiple zero-day exploits, including GreatXML and RoguePlanet, which allow attackers to bypass BitLocker encryption and escalate privileges to SYSTEM by targeting Microsoft Defender.
Take Action:
If you use Windows BitLocker encryption, switch it from TPM-only to TPM+PIN mode right away, so your drive requires a PIN at startup and can't be unlocked through the recovery environment. Keep an eye out for Microsoft patches for these two flaws (RoguePlanet and GreatXML), and limit physical access to your machines since the BitLocker bypass needs someone to physically touch the device.
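The check and the switch to TPM+PIN described above, as an added example that is not from the original article: it reports which operating system volumes rely on a TPM-only protector and, only when run with the `-Enforce` switch (a parameter name chosen for this example), adds a TPM+PIN protector. It assumes an elevated session with the built-in BitLocker PowerShell module and that startup PINs are governed by the "Require additional authentication at startup" policy.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article): audit OS volumes for TPM-only BitLocker
# and, with -Enforce, convert them to TPM+PIN. Without -Enforce it only reports.
param([switch]$Enforce)

# Policy precondition: "Require additional authentication at startup" must permit
# a startup PIN with the TPM (UseAdvancedStartup = 1; UseTPMPIN = 1 require, 2 allow).
$fve = Get-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' -ErrorAction SilentlyContinue
$pinAllowed = $fve -and $fve.UseAdvancedStartup -eq 1 -and $fve.UseTPMPIN -in 1, 2

$pinTypes = 'TpmPin', 'TpmPinStartupKey'
foreach ($vol in Get-BitLockerVolume | Where-Object VolumeType -eq 'OperatingSystem') {
    $types   = @($vol.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
    $hasPin  = @($types | Where-Object { $_ -in $pinTypes }).Count -gt 0
    $tpmOnly = ($types -contains 'Tpm') -and -not $hasPin
    $hasRecovery = $types -contains 'RecoveryPassword'

    # One report row per OS volume; TpmOnly = True is the exposed configuration.
    [pscustomobject]@{
        MountPoint       = $vol.MountPoint
        ProtectionStatus = $vol.ProtectionStatus
        Protectors       = $types -join ','
        TpmOnly          = $tpmOnly
        HasRecoveryPwd   = $hasRecovery
        PolicyAllowsPin  = [bool]$pinAllowed
    }

    if (-not ($Enforce -and $tpmOnly)) { continue }
    if (-not $pinAllowed) {
        Write-Warning "$($vol.MountPoint): policy does not permit a TPM startup PIN; fix policy first."
        continue
    }
    if (-not $hasRecovery) {
        Write-Warning "$($vol.MountPoint): no recovery password protector; add and escrow one first."
        continue
    }

    $pin = Read-Host -AsSecureString "New startup PIN for $($vol.MountPoint)"
    Add-BitLockerKeyProtector -MountPoint $vol.MountPoint -TpmAndPinProtector -Pin $pin -ErrorAction Stop | Out-Null

    # Re-read the volume. Only if the TPM+PIN protector is really present, remove
    # any leftover bare TPM protector that would still unlock without the PIN.
    $after = (Get-BitLockerVolume -MountPoint $vol.MountPoint).KeyProtector
    if ($after | Where-Object KeyProtectorType -eq 'TpmPin') {
        $after | Where-Object KeyProtectorType -eq 'Tpm' | ForEach-Object {
            Remove-BitLockerKeyProtector -MountPoint $vol.MountPoint -KeyProtectorId $_.KeyProtectorId | Out-Null
        }
    }
}
```

Run it without `-Enforce` first and confirm the recovery password is escrowed somewhere you can reach before making the change.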
This article was originally published on BeyondMachines