Yes, as revealed by Sami Laiho Windows security expert, the much “hated” system updates are Achilles’ heel BitLocker the integrated encryption system in Pro and Enterprise versions of Windows 10. it would, in fact, simply pressing the keys Shift + F10 during the When installing the updates to start the command line interface and get full access to the disk .

The reason would be to search in Windows PE (Preinstallation Environment), the mode in which enters the operating system during the installation of the updates. In this state, in fact, the OS disables BitLocker to enable the most recent image installation of Windows 10 . Pressing this shortcut would provide root privileges even to non-admin users, leaving the door wide open to potential attackers.

As revealed by Laiho, Microsoft was informed of the problem and is working on a solution. Apparently, both Windows 10 Anniversary Update which builds the Creators Update issued to Insider until the end of last month are susceptible to this exploit.

Obviously, though, in order to exploit this flaw in Security must have physical access to the PC among other things, precisely at the moment when a new build of Windows 10 is being installed. Whether in the home environment that is not a big problem, in business education can be a cause for concern. Maybe, before you go to have a coffee while the last Windows update process, you should think twice.

SHARE