Published: 09/01/2024 Updated: 14/01/2024

CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7

VMScore: 0

BitLocker Security Feature Bypass Vulnerability

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows server 2016 -
microsoft windows server 2019 -
microsoft windows server 2022 -
microsoft windows 11 21h2
microsoft windows 11 22h2
microsoft windows 10 1809
microsoft windows 10 21h2
microsoft windows 10 22h2
microsoft windows 10 1507
microsoft windows 10 1607
microsoft windows 11 23h2

WinRE Customization to apply patches, drivers and soon™ language packs

WinRE-Customization Customizes WinRE - recent updates can be found in the changelog This script applies patches and drivers Will resize recovery partition if required This script was initially created to automate remediation of CVE-2022-41099, however it can be used to patch WinRE monthly and automated as well The script will verify the size of your recovery partition and r

PowerShell script that can help you automate updating the Windows Recovery Environment (WinRE) on deployed devices to address the security vulnerabilities in CVE-2024-20666.

Script-For-CVE-2024-20666 Automate updating the WinRE partition (without having to resize it first) and patch the CVE-2024-20666 BitLocker vulnerability Microsoft Link (Script found here) Works for Windows Server 2022 (Server Core installation) (KB5034439: Windows Recovery Environment update for Azure Stack HCI, version 22H2 and Windows Server 2022: Jan 9, 2024) Windows Serve

NVD-CWE-noinfo https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20666 https://nvd.nist.gov https://github.com/MHimken/WinRE-Customization

CVE-2024-20666

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect