Forum Discussion
YellowKey BitLocker Exploit
Hi All I hope you are well. Anyway, the YellowKey BitLocker Exploit has came to my attention. We already have automatic / silent BitLocker encryption enabled. So, is there anything we should be ...
Yes, I would also like to see a proper response from Microsoft. (has been 7 days since release now...)
We are moving toward deploying TPM+PIN, but rolling this out across an existing fleet is quite troublesome and will take a significant amount of time.
That said, the creator of the exploit has mentioned that they have a PoC capable of bypassing TPM+PIN as well (unreleased).
As an immediate mitigation, we have deployed a remediation script to disable WinRE, until Microsoft has a fix.
USB boot restrictions, BIOS passwords etc..., are relatively easy to bypass on most hardware...