Reading view

There are new articles available, click to refresh the page.

A Deep Dive into TPM-based BitLocker Drive Encryption

15 September 2023 at 15:14

When I investigated CVE-2022-41099, a BitLocker Drive Encryption bypass through the Windows Recovery Environment (WinRE), the fact that the latter was able to transparently access an encrypted drive without requiring the recovery password struck me. My initial thought was that there had to be a way to reproduce this behavior and obtain the master key … Continue reading A Deep Dive into TPM-based BitLocker Drive Encryption

CVE-2022-41099 – Analysis of a BitLocker Drive Encryption Bypass

Sec Team Blog

Clément Labro

14 August 2023 at 14:12

In November 2022, an advisory was published by Microsoft about a BitLocker bypass. This vulnerability caught my attention because the fix required a manual operation by users and system administrators, even after installing all the security updates. Couple this with the fact that the procedure was not well documented initially, and you have the perfect … Continue reading CVE-2022-41099 – Analysis of a BitLocker Drive Encryption Bypass

Bypassing PPL in Userland (again)

Sec Team Blog

Clément Labro

17 March 2023 at 15:54

This post is a sequel to Bypassing LSA Protection in Userland and The End of PPLdump. Here, I will discuss how I was able to bypass the latest mitigation implemented by Microsoft and develop a new Userland exploit for injecting arbitrary code in a PPL with the highest signer type. The current state of PP(L)s … Continue reading Bypassing PPL in Userland (again)