Skip to main content

Microsoft seeking fix after vulnerability found in Windows 10 security feature

windows 10 feature update turns off bitlocker creating exploit mail
Anton Watman/Shutterstock
One of Windows’ most important security features is BitLocker support, which has provided full-disk encryption since Windows Vista first rolled out. Coupled with a compatible Trusted Platform Module, which is now required for new Windows 10 machines, BitLocker theoretically provides solid protection for a Windows machine that’s lost or stolen.

However, any security feature is only as good as the entire system that surrounds it, and any weak link can present a vulnerability that renders it less than secure. For Windows 10, the weak link involves the fact that the operating system turns off Bitlocker during Feature Updates, aka upgrades, creating a potential exploit, as the official Win-Fu blog reports.

According to Windows trainer and MVP Sami Laiho, the vulnerability occurs due to the ability to hit SHIFT+F10 during the reimaging process performed during a Feature Update and access the command prompt. This result in access by the non-admin account that’s in use during the update to the root SYSTEM folder and to all of the contents of the non-BitLocker-protected hard drive.

The following video provides an overview of the process:

Win Fu Official Blog Every Windows 10 in place Upgrade is a SEVERE Security risk

According to The Register, security experts further maintain that anyone with physical access to the machine could exploit the bug to access the BitLocker encryption keys. Fortunately, Microsoft is working on fixing the bug, which affects all relevant versions of Windows 10 including the production versions 1511 (November Update) and 1607 (Anniversary Update), as well as newer Windows Insider builds.

The bug does require physical access to the Windows 10 machine, but once that’s accomplished, for example via theft or by an internal employee, then the bug allows admin access to the system once an upgrade is kicked off. Until Microsoft issues a fix, Laiho recommends disallowing unattended upgrades and using the Long-term Servicing Branch version of Windows 10. That’s not much help to nonenterprise Windows 10 users, however, and so maintaining physical control over a Windows 10 machine becomes that much more important.

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Microsoft says disabling these two Windows 11 features will boost gaming performance
An Alienware + Windows 11 PC gaming setup.

Two settings in Windows 11 may affect gaming performance, says Microsoft. These settings are enabled by default.

Microsoft has made it possible for you to disable these options, but there are also reasons why you might want to keep them on. However, if your computer's performance in games is less than stellar, they might be worth checking out.

Read more
This new Windows 11 setting could improve performance and battery life
Windows 11 updates are moving to once a year.

Yesterday, Microsoft released the Windows 11 26252 build, which brings a flood of innovations that will give users a much-needed power boost. One of those changes is a new power setting that will provide the user more control when their PC is on battery power or not, as Phantom Ocean 3 mentions in a post on X (formerly Twitter), which was noticed by Windows Latest.

In theory, this greater degree of control will allow your system to automate power settings so that you don't forget to manually switch them while plugged in or on battery.

Read more
Best Prime Day laptop deals in 2024: Surface Pro, Razer, HP, Dell
Best Prime Day Deals

We can smell Prime Day in the air. The shopping holiday kicks off on July 16 and runs through July 17. However, the discounts are already starting to sprout up, so we've collected some early Prime Day deals on laptops below. We've also broken down what to expect for the main event and how to approach buying a new laptop during Prime Day. This page will be ever-evolving (bookmark it!) as we know more, the event approaches, and more deals become available. Looking for something beyond laptops? Deals exist beyond laptops, of course, and we'll be covering all of the big categories and items you want in our main Prime Day deals coverage.

Today's best laptop deals
Prime Day officially runs from July 16 to July 17. If you want the most options in your deals, you should wait until then to buy a laptop. But, if you're struggling to keep that new laptop itch at bay, there are great laptop deals all year round. While we encourage you to wait until next month to get the widest selection, there's nothing wrong with taking advantage of a deal right now, so long as it suits you.

Read more