BitLocker on Windows 11 remains vulnerable despite patches.

According to TechSpot , although Microsoft released a patch for the CVE-2023-21563 vulnerability last year, hacker Thomas Lambertz recently demonstrated that BitLocker, Windows' disk encryption feature, is still not completely secure.

PHOTO: SCREENSHOT FROM TECHSPOT

BitLocker vulnerability is still being 'reused' on Windows 11.

In a presentation at the recent Chaos Communication Congress, hacker Lambertz demonstrated how to exploit a vulnerability dubbed 'bitpixie' to bypass BitLocker encryption on a fully updated Windows 11 computer.

By exploiting Secure Boot technology and an outdated Windows bootloader, the hacker was able to extract the encryption key into memory and then retrieve it using the Linux operating system. Alarmingly, this attack method only required a single physical access to the computer.

Lambertz stated that many businesses are using BitLocker to protect their data, and Microsoft's default setting of this feature on new Windows 11 installations increases the risk of attacks. In particular, the popular 'Device Encryption' mode, which doesn't require an additional password, makes it easier for attackers to unlock BitLocker drives.

This discovery once again highlights the risks in cybersecurity; even seemingly impenetrable security technologies can be defeated by the brilliant minds of hackers. Therefore, users need to be more vigilant and apply multiple layers of protection to their important data.